Network Deployment (Distributed operating systems), v8.0 > Administer applications and their environment > Use the administrative clients > Use administrative programs (JMX) > Extend the WAS administrative system with custom MBeans
Access to the JMX administrative subsystem requires role-based access control when administrative security is enabled.
A client, which can be a user or an administrative client program, can access an MBean method only if at least one of the required roles is granted to the client. WAS uses the declarative security approach to specify the security policy on the JMX MBean. This approach has the advantage of not requiring MBean developers to add security code. Moreover, WAS provides a default security policy for an MBean so in most case MBean developers do not need to specify a security policy at all. With WAS, you can define explicit security policy for your MBeans if the default security policy does not meet your specific security requirements.
Default MBean security policy
Define an explicit MBean security policy