Oracle GlassFish Server 3.1 Section 1: asadmin Utility Subcommands
create-connector-connection-pool(1)
create-connector-security-map(1)
create-connector-work-security-map(1)
create-jdbc-connection-pool(1)
create-message-security-provider(1)
create-resource-adapter-config(1)
delete-connector-connection-pool(1)
delete-connector-security-map(1)
delete-connector-work-security-map(1)
delete-jdbc-connection-pool(1)
delete-message-security-provider(1)
delete-resource-adapter-config(1)
disable-http-lb-application(1)
disable-secure-admin-internal-user(1)
disable-secure-admin-principal(1)
enable-secure-admin-internal-user(1)
enable-secure-admin-principal(1)
list-connector-connection-pools(1)
list-connector-security-maps(1)
list-connector-work-security-maps(1)
list-message-security-providers(1)
list-resource-adapter-configs(1)
list-secure-admin-internal-users(1)
list-secure-admin-principals(1)
list-supported-cipher-suites(1)
unfreeze-transaction-service(1)
update-admin-server-coordinates(1)
update-admin-server-local-coordinates(1)
update-connector-security-map(1)
update-connector-work-security-map(1)
Oracle GlassFish Server 3.1 Section 1M: Utility Commands
Oracle GlassFish Server 3.1 Section 5ASC: GlassFish Server Concepts
- enables administrators to create a JACC provider that can be used by third-party authorization modules for applications running in GlassFish Server
create-jacc-provider [--help] [--policyproviderclass pol-provider-class] [--policyconfigfactoryclass pc-factory-class] [--property name=value)[:name=value]*] [--target target] jacc-provider-name
The create-jacc-provider subcommand creates a JSR-115—compliant Java Authorization Contract for Containers (JACC) provider that can be used for authorization of applications running in GlassFish Server. The JACC provider is created as a jacc-provider element within the security-service element in the domain's domain.xml file.
The default GlassFish Server installation includes two JACC providers, named default and simple. Any JACC providers created with the create-jacc-provider subcommand are in addition to these two default providers. The default GlassFish Server JACC providers implement a simple, file-based authorization engine that complies with the JACC specification. The create-jacc-provider subcommand makes it possible to specify additional third-party JACC providers.
You can create any number of JACC providers within the security-service element, but the GlassFish Server runtime uses only one of them at any given time. The jacc-provider element in the security-service element points to the name of the provider that is currently in use by GlassFish Server. If you change this element to point to a different JACC provider, restart GlassFish Server.
This command is supported in remote mode only.
If an option has a short option name, then the short option precedes the long option name. Short options have one dash whereas long options have two dashes.
Displays the help text for the subcommand.
Specifies the fully qualified class name for the javax.security.jacc.policy.provider that implements the java.security.Policy.
Specifies the fully qualified class name for the javax.security.jacc.PolicyConfigurationFactory.provider that implements the provider-specific javax.security.jacc.PolicyConfigurationFactory.
Optional attribute name/value pairs for configuring the JACC provider. The following properties are available:
The directory containing the JACC policy file. For the default GlassFish Server JACC provider, the default directory is ${com.sun.aas.instanceRoot}/generated/policy. This property is not defined by default for the simple GlassFish Server JACC provider.
Specifies the target for which you are creating the JACC provider. The following values are valid:
Creates the JACC provider on the default server instance. This is the default value.
Creates the JACC provider in the specified configuration.
Creates the JACC provider on all server instances in the specified cluster.
Creates the JACC provider on a specified server instance.
The name of the provider used to reference the jacc-provider element in domain.xml.
Example 1 Creating a JACC Provider
The following example shows how to create a JACC provider named testJACC on the default server target.
asadmin> create-jacc-provider --policyproviderclass com.sun.enterprise.security.provider.PolicyWrapper --policyconfigfactoryclass com.sun.enterprise.security.provider.PolicyConfigurationFactoryImpl testJACC Command create-jacc-provider executed successfully.
subcommand executed successfully
error in executing the subcommand