safAuthorization - SAF Authorization (safAuthorization)

Controls the security credential domain for SAF.

NameTypeDefaultDescription
idstringA unique configuration ID.
roleMapperstringcom.ibm.ws.security.authorization.saf.internal.SAFRoleMapperImplOSGi component name of the SAF role mapper service provider.
racRouteLog
  • ASIS
  • NOFAIL
  • NONE
  • NOSTAT
NONESpecifies the types of access attempts to log.
ASIS
Records the event in the manner specified in the profile that protects the resource, or by other methods such as the SETROPTS option.
NOFAIL
If the authorization check fails, the attempt is not recorded. If the authorization check succeeds, the attempt is recorded as in ASIS.
NONE
The attempt is not recorded.
NOSTAT
The attempt is not recorded. No logging occurs and no resource statistics are updated.
enableDelegationbooleanfalseEnable RunAs delegation via SAF EJBROLE profiles.