Security on Liberty application client container
Security on the Liberty application client container includes SSL, JAAS, and CSIv2.
Application clients are client programs that run in their own Java™ virtual machines. Liberty application client container provides system services for these clients, including security. The security services on the client are a subset of those that are available on the server.
Enabling security on the client
appSecurityClient-1.0
feature
to your client.xml file.<featureManager>
<feature>javaeeClient-7.0</feature>
<feature>appSecurityClient-1.0</feature>
</featureManager>
The appSecurityClient-1.0
feature enables SSL, CSIv2, and JAAS on the client.
You must configure SSL to ensure communications between the client and server are secure and
encrypted. For more information, see Enabling SSL communication for the
Liberty application client container.
CSIv2 provides a protocol for the client to send authentication information to the server. The
client in a Liberty application client
container is not able to assert identities or propagate security attributes. To understand more
about CSIv2 and how to configure it on the client, see Common Secure Interoperability version 2 (CSIv2),
and Configuring Common Secure Interoperability version 2 (CSIv2) in the Liberty application client container. The
JAAS framework on the client enables a client application to gather credentials from the user that
is using callbacks, and authenticate that user by using login modules. For more information about
authenticating users on the client, see Authentication on Liberty application client container.