11.3. Configure the Security Subsystem

You can configure the security subsystem using the Management CLI or web-based Management Console.
Each top-level element within the security subsystem contains information about a different aspect of the security configuration. Refer to Section 11.2, “About the Structure of the Security Subsystem” for an example of security subsystem configuration.
<security-management>
This section overrides high-level behaviors of the security subsystem. It contains an optional setting deep-copy-subject-mode, that specifies whether to copy or link to security tokens, for additional thread safety.
<security-domains>
A container element which holds multiple security domains. A security domain may contain information about authentication, authorization, mapping, and auditing modules, as well as JASPI authentication and JSSE configuration. Your application would specify a security domain to manage its security information.
<security-properties>
Contains names and values of properties which are set on the java.security.Security class.