How to Configure an Alternative Glassfish Container Policy Provider
By monzillo on Jan 04, 2010
Glassfish v3 bundles 2 alternative container policy providers. By default, Glassfish is configured to use a file-based provider based on the PolicyFile implementation of the JDK. Glassfish can be reconfigured to use an alternative provider by setting a specific value for the "jacc" attribute of the security-service element in domain.xml. The value of this attribute must be the name of a jacc-provider sub-element within security-service element. The default value of the "jacc" attribute is "default", which matches the name of the file based jacc-provider. Setting the value of this attribute to "simple", will cause the in-memory provider to be used. The admin console may be used to define additional jacc-provider configurations in domain.xml, and then any such provider can be configured for use by the Glassfish security-service, by setting its name as the value of the "jacc" attribute.