Authorization information determines whether a user or group has the necessary privileges to access resources.
WebSphere Application Server supports both a default authorization provider, which was supported in previous releases, and an authorization provider that is based on the Java Authorization Contract for Containers (JACC) specification. The JACC-based authorization provider enables third-party security providers to handle the J2EE authorization. For more information, see JACC support in WebSphere Application Server .
For more information, see Java Authentication and Authorization Service .
For more information, see Java 2 security .
WebSphere Application Server supports an authorization infrastructure that enables you to plug in an external authorization provider. For more information, see Enabling an external JACC provider .