Security on Liberty application client container

Security on the Liberty application client container includes SSL, JAAS, and CSIv2.

Application clients are client programs that run in their own Java™ virtual machines. Liberty application client container provides system services for these clients, including security. The security services on the client are a subset of those that are available on the server.

Enabling security on the client

To enable security on the client, add the appSecurityClient-1.0 feature to your client.xml file.

<featureManager>
       <feature>javaeeClient-7.0</feature>
       <feature>appSecurityClient-1.0</feature>
</featureManager>

The appSecurityClient-1.0 feature enables SSL, CSIv2, and JAAS on the client. You must configure SSL to ensure communications between the client and server are secure and encrypted. For more information, see Enabling SSL communication for the Liberty application client container. CSIv2 provides a protocol for the client to send authentication information to the server. The client in a Liberty application client container is not able to assert identities or propagate security attributes. To understand more about CSIv2 and how to configure it on the client, see Common Secure Interoperability version 2 (CSIv2), and Configuring Common Secure Interoperability version 2 (CSIv2) in the Liberty application client container. The JAAS framework on the client enables a client application to gather credentials from the user that is using callbacks, and authenticate that user by using login modules. For more information about authenticating users on the client, see Authentication on Liberty application client container.