Authorization technology
Authorization information determines whether a user or group has the necessary privileges to access resources.
- Authorization involving the web container and Java™ Platform, Enterprise Edition (Java EE) technology
- Authorization involving an enterprise bean application and Java EE technology
- Authorization involving web services and Java EE technology
- Java Message Service (JMS)
- Java Authorization Contract for Containers (JACC)
WebSphere Application Server supports both a default authorization provider and an authorization provider that is based on the Java Authorization Contract for Containers (JACC) specification. The JACC-based authorization provider enables third-party security providers to handle the Java EE authorization. For more information, see JACC support in WebSphere Application Server.
- Java Authentication and Authorization Service (JAAS)
- Java 2 security
- Naming and administrative authorization
- Pluggable authorization
WebSphere Application Server supports an authorization infrastructure that enables you to plug in an external authorization provider. For more information, see Enabling an external JACC provider.
System Authorization Facility (SAF)
As an alternative to WebSphere Application Server authorization, you can use SAF-based authorization, such as the RACF® EJBROLE profile, to control client access to Java Platform, Enterprise Edition (Java EE) roles in EJB and web applications. For more information, see System Authorization Facility for role-based authorization.
In this release of WebSphere Application Server, you can use SAF security to associate a SAF user ID with a distributed identity. See Using distributed identity mapping for SAF for more information.