Runtime security services external authorization service

The runtime security services external authorization service (EAS) provides the policy enforcement point function for context-based access. We can configure the runtime security services EAS to include context-based access decisions as part of the standard authorization on WebSEAL requests. WebSEAL becomes the authorization enforcement point for access to resources that context-based access protects. The runtime security services EAS constructs a request that it sends to the policy decision point (PDP). Based on the policy decision that is received from the PDP, the EAS takes one of the actions listed in the following table.

The following steps set up the initial integration with Advanced Access Control:

  1. Configure runtime security services for client certificate authentication.

  2. Run the isamcfg tool to automatically update the WebSEAL configuration file and to complete other configuration setup.

  3. (Optional) Update the WebSEAL configuration file to:

For information about WebSEAL, see web reverse proxy configuration.


Parent topic: Advanced Access Control configuration