asadmin [asadmin-options] create-jacc-provider [--help]
[--policyproviderclass pol-provider-class]
[--policyconfigfactoryclass pc-factory-class]
[--property name=value)[:name=value]*]
[--target target] jacc-provider-name
|
create-jacc-provider |
| Previous | Next | Contents |
enables administrators to create a JACC provider that can be used by third-party authorization modules for applications running in \{product---name}
Synopsis
asadmin [asadmin-options] create-jacc-provider [--help]
[--policyproviderclass pol-provider-class]
[--policyconfigfactoryclass pc-factory-class]
[--property name=value)[:name=value]*]
[--target target] jacc-provider-name
Description
The create-jacc-provider subcommand creates a JSR-115—compliant Java
Authorization Contract for Containers (JACC) provider that can be used
for authorization of applications running in \{product---name}. The JACC
provider is created as a jacc-provider element within the
security-service element in the domain’s domain.xml file.
The default \{product---name} installation includes two JACC providers,
named default and simple. Any JACC providers created with the
create-jacc-provider subcommand are in addition to these two default
providers. The default \{product---name} JACC providers implement a
simple, file-based authorization engine that complies with the JACC
specification. The create-jacc-provider subcommand makes it possible
to specify additional third-party JACC providers.
You can create any number of JACC providers within the
security-service element, but the \{product---name} runtime uses only
one of them at any given time. The jacc-provider element in the
security-service element points to the name of the provider that is
currently in use by \{product---name}. If you change this element to
point to a different JACC provider, restart \{product---name}.
This command is supported in remote mode only.
Options
If an option has a short option name, then the short option precedes the long option name. Short options have one dash whereas long options have two dashes.
Options for the asadmin utility. For information about these
options, see the asadmin(1M) help page.
--help-?Displays the help text for the subcommand.
--policyproviderclassSpecifies the fully qualified class name for the
javax.security.jacc.policy.provider that implements the
java.security.Policy.
--policyconfigfactoryclassSpecifies the fully qualified class name for the
javax.security.jacc.PolicyConfigurationFactory.provider that
implements the provider-specific
javax.security.jacc.PolicyConfigurationFactory.
--propertyOptional attribute name/value pairs for configuring the JACC provider.
The following properties are available:
repositoryThe directory containing the JACC policy file. For the default
\{product---name} JACC provider, the default directory is
${com.sun.aas.instanceRoot}/generated/policy. This property is not
defined by default for the simple \{product---name} JACC provider.
--targetSpecifies the target for which you are creating the JACC provider. The
following values are valid:
serverCreates the JACC provider on the default server instance. This is the default value.
Creates the JACC provider in the specified configuration.
Creates the JACC provider on all server instances in the specified cluster.
Creates the JACC provider on a specified server instance.
Operands
The name of the provider used to reference the jacc-provider element
in domain.xml.
Examples
Example 1 Creating a JACC Provider
The following example shows how to create a JACC provider named
testJACC on the default server target.
asadmin> create-jacc-provider
--policyproviderclass com.sun.enterprise.security.provider.PolicyWrapper
--policyconfigfactoryclass com.sun.enterprise.security.provider.PolicyConfigurationFactoryImpl
testJACC
Command create-jacc-provider executed successfully.
Exit Status
subcommand executed successfully
error in executing the subcommand
See Also
| Previous | Next | Contents |
Copyright © 2019, Oracle and/or its affiliates. All rights reserved.