Use the New JACC Provider page to create a new JSR-115/196compliant Java Authorization Contract for Containers (JACC) provider that can be used by third-party authorization modules for applications running in GlassFish Server. The JACC provider is created as a jacc-provider
element within the security-service
element in the domain's domain.xml
file.
The default GlassFish Server installation includes two JACC providers, named default
and simple
. Any new JACC providers you create are in addition to these two default providers. The default GlassFish Server JACC providers implement a simple, file-based authorization engine that complies with the JACC specification.
All GlassFish Server JACC providers must use the Java Authentication and Authorization Service (JAAS) APIs. JAAS enables services to authenticate and enforce access controls upon users. JAAS implements a Java technology version of the standard Pluggable Authentication Module (PAM) framework.
JSR 196 allows you to develop plugins at different layers. You can define plugins that change the way new authentication mechanism are configured, such as AuthConfigProvider
and AuthConfigFactory
. You can also define new authentication mechanisms, such as ServerAuthModule
and ClientAuthModule
.
The New JACC Provider page contains the following options.
The name of the configuration to which the settings on this page apply. This field is read only.
The name of the JACC provider. This name is used to reference the jacc-provider
element in domain.xml
.
The fully qualified class name for the javax.security.jacc.PolicyConfigurationFactory.provider
that implements the provider-specific javax.security.jacc.PolicyConfigurationFactory
.
The fully qualified class name for the javax.security.jacc.policy.provider
that implements the java.security.Policy
.
Additional properties for the JACC provider. For a description of the additional properties that are available for JACC providers, see Properties Specific to JACC Providers.