The Java Authorization Contract for Container (JACC) provider for Tivoli® Access Manager is configured by default. Use this topic to enable the JACC provider for Tivoli Access Manager.
Field | Value |
---|---|
Name | Tivoli Access Manager |
Description | This field is optional and used as a reference. |
J2EE policy class name | com.tivoli.pd.as.jacc.TAMPolicy |
Policy configuration factory class name | com.tivoli.pd.as.jacc.TAMPolicyConfigurationFactory |
Role configuration factory class name | com.tivoli.pd.as.jacc.TAMRoleConfigurationFactory |
JACC provider initialization class name | com.tivoli.pd.as.jacc.cfg.TAMConfigInitialize |
Requires the EJB arguments policy context handler for access decisions | false |
Supports dynamic module updates | true |
Name | Default value | Description |
---|---|---|
Enable embedded Tivoli Access Manager | Unchecked | When you select this check box, the embedded Tivoli Access Manager is configured or reconfigured. When you clear this check box, the embedded Tivoli Access Manager is unconfigured. |
Ignore errors during embedded Tivoli Access Manager disablement | Unchecked | If you check this check box and click OK or Apply, when you unconfigure the embedded Tivoli Access Manager, any unconfiguration errors are ignored and the process completes. If you do not check this check box, unconfiguration errors cause the unconfiguration process to stop. |
Client listening port | 8900:8999 | When the embedded Tivoli Access Manager is configured and running,
it requires several ports to listen for updates to the access control
list database for Tivoli Access
Manager. The value in this field is a range of port numbers that Tivoli Access Manager can use
for this purpose. The first 20% of this range is reserved for the
deployment manager. You can enter multiple ranges or individual port
numbers in a line separated list. For example: 8900:8999 |
Policy server | This field value specifies the name and
port number of the configure and running Tivoli Access Manager policy server. The format
is server:port For example:snapper.ibm.com:7135 |
|
Authorization servers | This field contains the names, port numbers,
and priorities of all of the configured and running Tivoli Access Manager authorization servers.
This field must contain at least one authorization server. If multiple
authorization servers are listed, those servers are used for failover.
The server with priority 1 is used first with failover to server priority
2 and so on. The format is server:port:priority with each authorization
server listed on a different line. For example: snapper.ibm.com:7136:1 |
|
Authorization user name | sec_master | This field value specifies the administrative user name for Tivoli Access Manager. |
Administrator user password | This field value specifies the password for Tivoli Access Manager. | |
User registry distinguished name suffix | This field value is the suffix that is set
up in the user registry to contain the users and groups for Tivoli Access Manager. For example
using IBM® Tivoli Directory Server: o=ibm,c=au |
|
Security domain | Default | This field value specifies the configured security domain to use for the embedded Tivoli Access Manager. |
Administrator user distinguished name | This field specifies the fully distinguished
user name of the primary administrative user for WebSphere® Application Server security.
For example using IBM Tivoli Directory Server: cn=wasadmin,o=ibm,c=au |
For more information, see Tivoli Access Manager JACC provider settings.