Authorizing access to resources in the Liberty profile
The purpose of authorization is to determine whether a user or group has the necessary privileges to access a resource.
To learn about how authorization works in the Liberty profile, see Authorization.
Subtopics
- Configure authorization for applications
Configuring authorization for the application is to verify whether a user or group belongs to a specified role, and whether this role has the privilege to access a resource.
- Configure security authorization for Liberty profile servers on IBM i
Using the iAdmin GRANTAUTH command, we can authorize the QEJBSVR user profile to access the required resources for running the Liberty profile server.
- OAuth
OAuth is an open standard for delegated authorization. With the OAuth authorization framework, a user can grant a third-party application access to their information stored with another HTTP service without sharing their access permissions or the full extent of their data.
Parent topic: Secure the Liberty profile and its applicationsConcepts:
Authorization Tasks:
Authenticate users Configure a basic user registry Configure authentication aliases