Authorization providers
Overview
The default authorization provider does not require special setup, and the default authorization engine makes all of the authorization decisions. WAS supports third-party security providers based on JACC v1.4, which includes annotations for propagating security policy information. If a JACC provider is used for authorization, Java EE authorization decisions are delegated to the JACC provider, but administrative authorization decisions are still made by the WAS default authorization engine.
Administrative components include...
- Admin console
- MBeans
- Naming
Choose a JACC provider only when you want to work with an external security provider such as TAM.
Subtopics
JACC support in WAS
JACC providers
JACC policy context handlers
JACC policy context identifiers (ContextID) format
JACC policy propagation
JACC registration of the provider implementation classes
Role-based security with embedded TAM
TAM integration as the JACC provider
TAM security for WAS
Security Annotations
Related concepts
Authorization technology
Related tasks
Enable an external JACC provider
Authorize access to J2EE resources using TAM
Propagate security policy of installed applications to a JACC provider using wsadmin scripting
Related
Interfaces that support JACC
Security authorization provider troubleshooting tips