Authorization information determines whether a user or group has the necessary privileges to access resources. WebSphere Application Server supports many authorization technologies including the following:
WebSphere Application Server supports both a default authorization provider, which was supported in previous releases, and an authorization provider that is based on the Java Authorization Contract for Containers (JACC) specification. The JACC-based authorization provider enables third-party security providers to handle the J2EE authorization. For more information, see JACC support in WebSphere Application Server.
For more information, see Java Authentication and Authorization Service.
For more information, see Java 2 security.
WebSphere Application Server supports an authorization infrastructure that enables you to plug in an external authorization provider. For more information, see Enabling an external JACC provider.