TAM JACC provider configuration
You can configure the Java Authorization Contract for Containers (JACC) provider for TAM to deliver authentication and authorization protection for your applications or for authentication only. Most deployments that use the JACC provider for TAM to configure TAM provide both authentication and authorization functionality.
If you want TAM to provide authentication, but leave authorization as part of WAS's native security, add the property...
com.tivoli.pd.as.amwas.DisableAddAuthorizationTableEntry=true
...to the file...
profile_root/config/cells/cell_name/amwas.amjacc.template.properties
After this property is set, perform the tasks for setting TAM Security, as documented.
You can configure the JACC provider for TAM using either the WebSphere Application Server console or the wsadmin command-line utility.
- Configure the JACC provider for TAM using the administrative console.
- Configure the JACC provider for TAM using the wsadmin utility.
The JACC configuration files for TAM that are common across multiple WAS profiles are created by default under the java/jre directory. When you install WAS, you are given permissions to read and write to the files in this directory.
![[AIX HP-UX Solaris]](../../unix.gif)
Profiles created by users who are different to the user that installed the application have read-only permissions for this directory.
This situation is not ideal because configuration of the JACC provider for TAM fails in these situations. To avoid this situation, edit...
profile_root/config/cells/cell_name/amwas.amjacc.template.properties
...and add the property...
com.tivoli.pd.as.jacc.CommonFileLocation=new_location
...where where new location is a fully qualified directory name.
This property applies read and write permissions to the java/jre directory. The wsadmin command is available to reconfigure the Java Authorization Contract for Containers (JACC) TAM interface:
$AdminTask reconfigureTAM -interactive
This command effectively prompts you through the process of unconfiguring the interface and then reconfiguring it.
Related tasks
Enabling embedded TAMConfigure the JACC provider for TAM using the administrative console
Configure the JACC provider for TAM using the wsadmin utility
Configure the JACC provider for TAM using the administrative console