Configuring Authentication and Authorization for the Embedded OC4J Server

Authentication and authorization services enable applications to control access to protected resources. The JAZN tool is the provider for the Java Authentication and Authorization Service (JAAS) in OC4J.

Use the Authentication (JAZN) branches of the Embedded OC4J Server Preferences dialog to configure JAZN. The configuration is recorded in <jdev_install>/jdev/system<release_number >/oc4j-config/jazn-data.xml, but this file should not be edited except through the Embedded OC4J Server Preferences dialog, as described here.

Authentication and authorization involves realms, users, roles, policies, permissions, principals, and login modules.

To configure authentication for the embedded OC4J server:

1. If you have not already done so, open the Embedded OC4J Server Preferences dialog:
   1. In the navigator, select a project.
   2. From the main menu, choose Tools | Em bedded OC4J Server Preferences.
2. If you are configuring the global services, expand the Global - Authentication (JAZN) branch of the dialog's tree, and work in its pages. If you are configuring local services for the selected project's workspace, use the Current Workspace - Authentication (JAZN) branch.

   For specific information about a dialog page, click Help.

3. Define principals that represent specific user and role identities. Select the Principal Classes page, and edit it as desired.
4. Define permissions that authorize access to specific system resources. Select the Permission Classes page, and edit it as desired.
5. Define or redefine policies that associate principals with permissions. Select the Policies page, and
   • click New to create a new policy, or
   • select a policy (a child of the Policies page) to open it in a Policies <Instance> page, in which you can browse or modify it, or
   • select a policy and click Delete to remove it.
6. Define or redefine realms that associate users with roles. Select the Realms page, and
   • click New to create a new realm, or
   • select a realm (a child of the Realms page) to open it in Realms <Instance>, Users, and Roles pages, in which you can browse or modify it, or
   • select a realm and click Delete to remove it.
7. Define or redefine login configurations that associate applications with login modules. Select the Login Configuration page, and
   • click New to create a new login configuration, or
   • select a login configuration (a child of the Login Configuration page) to open it in a Login Configuration <Instance> page, in which you can browse or modify it, or
   • select a login configuration and click Delete to remove it.

For more information, see Java Authentication and Authorization Service (JAAS) at java.sun.com/products/jaas.

Related topics

Administering the Embedded OC4J Server

Copyright © 1997, 2004, Oracle. All rights reserved.