We plan to add a Policy Enforcement Point (PEP) into the WAS post login and transaction code handled by the WebSphere 8.5 "full" version. Our preliminary tests did throw unusual error messages, which pointed to an issue with loading of the AXIS web service classes and its belonging resource definition. The error showed up at the SSL protocol setup pointed to a missing key- and trust-store, or wrong location.
What handled the error was to change the Java class loader defaults in the browser administrative console, replacing the default PARENT-FIRST class loader behaviour, updating it to the new value of PARENT-LAST which gives preference to the web service classes directly delivered by the application. We also moved .jar libraries belonging to the Balana framework into the standard WEB_INF/lib directory. Having this updated, the application started to execute entitlement connections sending it to WSO2 IS server, interacting with the XACML PDP framework, sending and receiving XACML requests.