We made some enhancements in Prelude to improve JACC policy provider replacability, and we added a new portable in-memory JACC Policy provider that can be configured as an alternative to the file-based JACC Policy provider. The file-based provider is configured by default. To enable the in-memory provider, do the following:
stop the application server (i.e., asadmin stop-domain)
edit domain.xml and add or change the security-service element to define the attribute jacc="simple"
restart the application server. (i.e, asadmin start-domain)
The in-memory provider was developed both to provide a simpler and more performant alternative, as well as to serve as a sample to help others develop their own providers. Portability was achieved by defining a JACCRoleMapper interface, and by defining the provider such that it can be trained (via a system property, i.e., com.sun.enterprise.security.jacc.provider.JACCRoleMapper) to use a system specific implementation of the JACCRoleMapper interface. The source of the in-memory provider is available in the