Configuring client security on a catalog service domain
By configuring client security on a catalog service domain, you can define default client authentication configuration properties. These properties are used when a client properties file is not located in the Java virtual machine (JVM) that is hosting the client or when the client does not programmatically specify security properties. If a client properties file exists, the properties that you specify in the console override the values in the file. You can override these properties by specifying a splicer.properties file with the com.ibm.websphere.xs.sessionFilterProps custom property or by splicing the application EAR file.
Before you begin
- You must
know the CredentialGenerator implementation
that you are using to authenticate clients with the remote data grid.
You can use one of the implementations that are provided by WebSphere® eXtreme Scale: UserPasswordCredentialGenerator or WSTokenCredentialGenerator.
You can also use a custom implementation of the CredentialGenerator interface. The custom implementation must be in the class path of the runtime client and the server. If you are configuring an HTTP session scenario with WebSphere Application Server, you must put the implementation in the class path of the deployment manager and the class path of the application server in which the client is running.
- You must have a catalog service domain defined. See Creating catalog service domains in WebSphere Application Server for more information.
About this task
- The server-side security policy has the credentialAuthentication property set to Required.
- The server-side security policy has the credentialAuthentication property set to Supported AND an authorizationMechanism has been specified in the ObjectGrid XML file.