AuthorizationProvider

Specifies the JACC (Java Authorization Contract for Containers) provider's implementation details.



Attributes Summary
j2eePolicyImplClassName : StringSpecifies a dot-separated class that represents the javax.
policyConfigurationImplClassName : String@deprecated since 6.
roleAssignmentConfigImplClassName : String@deprecated since 6.
name : StringA name for this authorization provider.
supportedPermissions : StringNot used.
policyConfigurationFactoryImplClassName : StringSpecifies a dot-separated class that represents the javax.
roleConfigurationFactoryImplClassName : StringThe class name of an implementation class which implements the com.
initializeJACCProviderClassName : StringThe class name of an implementation class which implements the com.
description : StringThe description of the JACC provider.
requiresEJBArgumentsPolicyContextHandler : booleanIndicates if the JACC provider requires the EJBArgumentsPolicyContextHandler to make the access decisions.
supportsDynamicModuleUpdates : booleanSpecifies whether the provider can support dynamic changes to Web modules that contain security roles in an existing J2EE application.
required : booleanNot used.
properties : Property *  

Attribute Details

j2eePolicyImplClassName    -    Specifies a dot-separated class that represents the javax.security.jacc.policy.provider property as per the JACC specification. This class represents the provider-specific implementation of the java.security.Policy abstract methods. The class file must reside in the class path of each WebSphere Application Server process. This class is used during authorization decisions as per the specification.
     data type:  String
     default Value:   unspecified



policyConfigurationImplClassName    -    @deprecated since 6.0.0A classname of an implementation class which implements the com.ibm.websphere.security.authz.PolicyConfiguration service provider interface. This class must reside in a jar on the classpath of each server which will use this provider.
     data type:  String
     default Value:   unspecified



roleAssignmentConfigImplClassName    -    @deprecated since 6.0.0A classname of an implementation class which implements the com.ibm.websphere.security.authz.RoleAssignmentConfig service provider interface. This class must reside in a jar on the classpath of each server which will use this provider.
     data type:  String
     default Value:   unspecified



name    -    A name for this authorization provider.
     data type:  String
     default Value:   unspecified



supportedPermissions    -    Not used. The supportedPermissions attribute is reserved by IBM for a future release.A list of comma separated names listing the permissions that this provider will support. For example: WebResourcePermission, WebUserDataPermission, WebRoleRefPermission, EJBMethodPermission, EJBRoleRefPermission.
     data type:  String
     default Value:   unspecified



policyConfigurationFactoryImplClassName    -    Specifies a dot-separated class that represents the javax.security.jacc.PolicyConfigurationFactory.provider property as per the JACC specification. This class represents the provider-specific implementation of the PolicyConfigurationFactory abstract methods. The class file must reside in the class path of each WebSphere Application Server process. This class is used to propagate the security policy information to the JACC provider during the installation of the J2EE application.
     data type:  String
     default Value:   unspecified



roleConfigurationFactoryImplClassName    -    The class name of an implementation class which implements the com.ibm.wsspi.security.authorization.RoleConfigurationFactory interface. Implementation of this class is optional. When implemented, the authorization table information in the binding file will be propagated to the provider during application install. This class must reside in a jar on the classpath of each server which will use this provider.
     data type:  String
     default Value:   unspecified



initializeJACCProviderClassName    -    The class name of an implementation class which implements the com.ibm.wsspi.security.authorization.InitializeJACCProvider interface. Implementation of this interface is optional. When implemented this class will be called during all the WebSphere processes startup. The Custom Properties that are included for this provider will be passed to the implementation class. This class must reside in a jar on the classpath of each server which will use this provider.
     data type:  String
     default Value:   unspecified



description    -    The description of the JACC provider.
     data type:  String
     default Value:   unspecified



requiresEJBArgumentsPolicyContextHandler    -    Indicates if the JACC provider requires the EJBArgumentsPolicyContextHandler to make the access decisions. Because of the performance impact to support this handler, unless this attribute is enabled, the EJBArgumentsPolicyContextHandler will not be passed to the provider.
     data type: boolean
     default Value:   unspecified
     Allowed Values:  true   false  



supportsDynamicModuleUpdates    -    Specifies whether the provider can support dynamic changes to Web modules that contain security roles in an existing J2EE application. If the option is enabled when a Web module containing security roles is dynamically added, modified, or both, only the specific Web modules are restarted and their policies propagated to the provider. If the option is disabled, the entire application is restarted and the entire application policy will be propagated to the provider. Typically, this option is enabled for an external JACC provider.
     data type: boolean
     default Value:   unspecified
     Allowed Values:  true   false  



required    -    Not used. The required attribute is reserved by IBM for a future release.When multiple JACC providers support the same permission, this flag will indicate if the access decision requires all the JACC providers to return true to access the resource. If this value is false, the authorization access will return true if one of the JACC providers return true.
     data type: boolean
     default Value:   unspecified
     Allowed Values:  true   false  



properties    -     
     data type: Property*


Copyright IBM Corp. 1997-2004