Authorization information determines whether a user or group has the necessary privileges to access resources.
WebSphere Application Server supports both a default authorization provider and an authorization provider that is based on the Java Authorization Contract for Containers (JACC) specification. The JACC-based authorization provider enables third-party security providers to handle the Java EE authorization. For more information, see JACC support in WebSphere Application Server.
For more information, see Java Authentication and Authorization Service.
For more information, see Java 2 security.
WebSphere Application Server supports an authorization infrastructure that enables you to plug in an external authorization provider. For more information, see Enabling an external JACC provider.
As an alternative to WebSphere Application Server authorization, you can use SAF-based authorization, such as the RACF® EJBROLE profile, to control client access to Java Platform, Enterprise Edition (Java EE) roles in EJB and web applications. For more information, see System Authorization Facility for role-based authorization.
In this release of WebSphere Application Server, you can use SAF security to associate a SAF user ID with a distributed identity. See Using distributed identity mapping for SAF for more information.