JACC registration of the provider implementation classes
The JACC specification states that providers can plug in their provider using the system properties javax.security.jacc.policy.provider and javax.security.jacc.PolicyConfigurationFactory.provider.
The javax.security.jacc.policy.provider property is used to set the policy object of the provider, while the javax.security.jacc.PolicyConfigurationFactory.provider property is used to set the provider’s PolicyConfigurationFactory implementation.
Although both system properties are supported in WebSphere Application Server, it is highly recommended that you use the configuration model provided. We can set these values using either the JACC configuration panel (see Configuring a JACC provider for more information) or by using wsadmin scripting. One of the advantages of using the configuration model instead of the system properties is that the information is entered in one place at the cell level, and is propagated to all nodes during synchronization. Also, as part of the configuration model, additional properties can be entered as described in the JACC configuration panel.
This is especially true in the case of a network deployment (ND) environment where multiple application servers can exist in the configuration. If the system properties are used, ensure that each of the Java virtual machine (JVM) processes in the configuration should set these properties. If the configuration model is used, the information is propagated to all processes through the synchronization process of the application server.
See Also
Authorization in WebSphere Application Server
Tivoli Access Manager integration as the JACC provider
JACC support in WebSphere Application Server
Related Tasks
Enabling an external JACC provider
Configuring a JACC provider
Propagating security policy of installed applications to a JACC provider using wsadmin scripting
See Also
Interfaces used to support JACC
Troubleshooting authorization providers