12.3. Configuring the Security Subsystem
12.3.1. Configure the Security Subsystem
You can configure the security subsystem using the Management CLI or web-based Management Console.
Each top-level element within the security subsystem contains information about a different aspect of the security configuration. Refer to Section 12.2, “About the Structure of the Security Subsystem” for an example of security subsystem configuration.
- <security-management>
- This section overrides high-level behaviors of the security subsystem. It contains an optional setting
deep-copy-subject-mode, that specifies whether to copy or link to security tokens, for additional thread safety. - <security-domains>
- A container element which holds multiple security domains. A security domain may contain information about authentication, authorization, mapping, and auditing modules, as well as JASPI authentication and JSSE configuration. Your application would specify a security domain to manage its security information.
- <security-properties>
- Contains names and values of properties which are set on the java.security.Security class.
