Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Authorizing access to resources
Authorization information determines whether a user or group has the necessary privileges to access resources.
WAS supports many authorization technologies including the following:
- Authorization involving the web container and Java EE technology
- Authorization involving an enterprise bean application and Java EE technology
- Authorization involving web services and Java EE technology
WAS supports both a default authorization provider and an authorization provider that is based on the JACC specification. The JACC-based authorization provider enables third-party security providers to handle the Java EE authorization. See JACC support in WAS.
- Java 2 security
See Java 2 security.
- Naming and administrative authorization
- Pluggable authorization
WAS supports an authorization infrastructure that enables you to plug in an external authorization provider. See Enable an external JACC provider.
Administrative roles and naming service authorization
Web component security
Java 2 security
Multiple security domains
Secure enterprise bean applications