Authorization technology

Authorization information determines whether a user or group has the necessary privileges to access resources. WebSphere Application Server supports many authorization technologies including the following:

• Authorization involving the Web container and Java 2 Platform, Enterprise Edition (J2EE) technology

• Authorization involving an enterprise bean application and J2EE technology

• Authorization involving Web services and J2EE technology

• Java Message Service (JMS)

• Java Authorization Contract for Containers (JACC)

  WebSphere Application Server supports both a default authorization provider, which was supported in previous releases, and an authorization provider that is based on the Java Authorization Contract for Containers (JACC) specification. The JACC-based authorization provider enables third-party security providers to handle the J2EE authorization. For more information, see JACC support in WebSphere Application Server.

• Java Authentication and Authorization Service (JAAS)

  For more information, see Java Authentication and Authorization Service.

• Java 2 security

  For more information, see Java 2 security.

• Naming and administrative authorization

• Pluggable authorization

  WebSphere Application Server supports an authorization infrastructure that enables you to plug in an external authorization provider. For more information, see Enabling an external JACC provider.

Sub-topics

Related concepts

Related tasks

Related Reference