WebSphere Application Server - Express, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Enabling an external JACC provider

Before you begin

The Java Authorization Contract for Containers (JACC) defines a contract between Java 2 Platform, Enterprise Edition (J2EE) containers and authorization providers. This contract enables any third-party authorization providers to plug into a J2EE 1.4 application server such as WebSphere Application Server to make the authorization decisions when a J2EE resource is accessed.

To enable an external JACC provider using the administrative console:

Steps for this task

  1. From the WebSphere Application Server administrative console, click Security > Global security.
  2. Under Authorization, click Authorization providers.
  3. Under Related items, click External JACC provider.
  4. The fields are set for Tivoli Access Manager by default. If you do not plan to use Tivoli Access Manager as the JACC provider, replace these fields with the details for your own external JACC provider.
  5. If any custom properties are required by the JACC provider, click Custom properties under Additional properties and enter the properties. When using the Tivoli Access Manager, use the Tivoli Access Manager properties link instead of the Custom properties link.
  6. Select the External authorization using a JACC provider option and click OK. To access this option, click Security > Global Security. Under Authorization, click Authorization providers.
  7. Complete the remaining steps to enable global security. If you are using the Tivoli Access Manager you must select LDAP as the user registry. This same LDAP server should be used by the Tivoli Access Manager. For more information on configuring LDAP registries, see Configuring Lightweight Directory Access Protocol user registries.
  8. In a multinode environment, start the deployment manager configuration by issuing the following commands:
    install_dir/profiles/profile_name/bin/stopManager.bat -username user_name -password password
    install_dir/profiles/profile_name/bin/startManager.bat
    
  9. Restart all servers to make these changes effective.



Sub-topics
External Java Authorization Contract for Containers provider settings

Related concepts
Authorization in WebSphere Application Server
Tivoli Access Manager integration as the JACC provider
JACC providers
JACC support in WebSphere Application Server

Related tasks
Configuring a JACC provider
Propagating security policy of installed applications to a JACC provider using wsadmin scripting

Related reference
Interfaces used to support JACC
Troubleshooting authorization providers

Task topic    

Terms of Use | Feedback

Last updated: Jun 8, 2005 12:45:23 PM EDT
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.express.doc/info/exp/ae/tsec_jaccenable.html

© Copyright IBM Corporation 2004, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)