blob: baca7e934e6ba9435c0b661f96f4ab883519442a [file] [log] [blame]
type=page
status=published
title=create-jacc-provider
next=create-javamail-resource.html
prev=create-instance.html
~~~~~~
= create-jacc-provider
[[create-jacc-provider-1]][[GSRFM00034]][[create-jacc-provider]]
== create-jacc-provider
Enables administrators to create a JACC provider that can be used by
third-party authorization modules for applications running in
{productName}
[[sthref304]]
=== Synopsis
[source]
----
asadmin [asadmin-options] create-jacc-provider [--help]
[--policyproviderclass pol-provider-class]
[--policyconfigfactoryclass pc-factory-class]
[--property name=value)[:name=value]*]
[--target target] jacc-provider-name
----
[[sthref305]]
=== Description
The `create-jacc-provider` subcommand creates a JSR-115—compliant Java
Authorization Contract for Containers (JACC) provider that can be used
for authorization of applications running in {productName}. The JACC
provider is created as a `jacc-provider` element within the
`security-service` element in the domain's `domain.xml` file.
The default {productName} installation includes two JACC providers,
named `default` and `simple`. Any JACC providers created with the
`create-jacc-provider` subcommand are in addition to these two default
providers. The default {productName} JACC providers implement a
simple, file-based authorization engine that complies with the JACC
specification. The `create-jacc-provider` subcommand makes it possible
to specify additional third-party JACC providers.
You can create any number of JACC providers within the
`security-service` element, but the {productName} runtime uses only
one of them at any given time. The `jacc-provider` element in the
`security-service` element points to the name of the provider that is
currently in use by {productName}. If you change this element to
point to a different JACC provider, restart {productName}.
This command is supported in remote mode only.
[[sthref306]]
=== Options
If an option has a short option name, then the short option precedes the
long option name. Short options have one dash whereas long options have
two dashes.
asadmin-options::
Options for the `asadmin` utility. For information about these
options, see the link:asadmin.html#asadmin-1m[`asadmin`(1M)] help page.
`--help`::
`-?`::
Displays the help text for the subcommand.
`--policyproviderclass`::
Specifies the fully qualified class name for the
`javax.security.jacc.policy.provider` that implements the
`java.security.Policy`.
`--policyconfigfactoryclass`::
Specifies the fully qualified class name for the
`javax.security.jacc.PolicyConfigurationFactory.provider` that
implements the provider-specific
`javax.security.jacc.PolicyConfigurationFactory`.
`--property`::
Optional attribute name/value pairs for configuring the JACC provider.
The following properties are available:
`repository`;;
The directory containing the JACC policy file. For the `default`
{productName} JACC provider, the default directory is
`${com.sun.aas.instanceRoot}/generated/policy`. This property is not
defined by default for the `simple` {productName} JACC provider.
`--target`::
Specifies the target for which you are creating the JACC provider. The
following values are valid:
`server`;;
Creates the JACC provider on the default server instance. This is
the default value.
configuration_name;;
Creates the JACC provider in the specified configuration.
cluster_name;;
Creates the JACC provider on all server instances in the specified
cluster.
instance_name;;
Creates the JACC provider on a specified server instance.
[[sthref307]]
=== Operands
jacc-provider-name::
The name of the provider used to reference the `jacc-provider` element
in `domain.xml`.
[[sthref308]]
=== Examples
[[GSRFM491]][[sthref309]]
==== Example 1   Creating a JACC Provider
The following example shows how to create a JACC provider named
`testJACC` on the default `server` target.
[source]
----
asadmin> create-jacc-provider
--policyproviderclass org.glassfish.exousia.modules.locked.SimplePolicyProvider
--policyconfigfactoryclass org.glassfish.exousia.modules.locked.SimplePolicyConfigurationFactory
testJACC
Command create-jacc-provider executed successfully.
----
[[sthref310]]
=== Exit Status
0::
subcommand executed successfully
1::
error in executing the subcommand
[[sthref311]]
=== See Also
link:asadmin.html#asadmin-1m[`asadmin`(1M)]
link:delete-jacc-provider.html#delete-jacc-provider-1[`delete-jacc-provider`(1)],
link:list-jacc-providers.html#list-jacc-providers-1[`list-jacc-providers`(1)]