In this mode, the agent filter and agent realm work together with variousAccess Manager services to ensure the correct evaluation of J2EE policies. These policies may be configured using the declarative security in the application's deployment descriptors, or may be implicit in the code of the application in the cases where it uses the J2EE programmatic security APIs. No URL policies defined in Access Manager take effect in this mode of filter operation. When the deployed application uses declarative security in the web-tier, you must configure the agent to enable this feature. See Enabling Web-Tier Declarative Security in J2EE Agents for more information on how to enable this feature. When running in the J2EE_POLICY mode, the agent ensures that the security principal is set in the system for every authorized user access. In the J2EE_POLICY mode, the agent will not enforce any applicable URL policies as defined in Access Manager.