Lesson 2.1: Configure WebSphere eXtreme Scale client security

You configure the client properties with a properties file. The client properties file indicates the CredentialGenerator implementation class to use.

Client properties file contents

The tutorial uses WebSphere Application Server security tokens for the client credential. The samples_home/security_extauth directory contains the client3.props file.

The client3.props file includes the following settings:
securityEnabled
Enables WebSphere eXtreme Scale client security. The value is set to true to indicate that the client must send available security information to the server.
credentialAuthentication
Specifies the client credential authentication support. The value is set to Supported to indicate that the client supports credential authentication.
credentialGeneratorClass
Specifies the name of the class that implements the com.ibm.websphere.objectgrid.security.plugins.CredentialGenerator interface. The value is set to the com.ibm.websphere.objectgrid.security.plugins.builtins. UserPasswordCredentialGenerator class so that the client retrieves the security information from the UserPasswordCredentialGenerator class.
credentialGeneratorProps
Specifies the user name and password: manager manager1. The user name is manager, and the password is manager1. You can also use the FilePasswordEncoder.bat|sh command to encode this property using an exclusive or (xor) algorithm.

Setting the client properties file using Java™ virtual machine (JVM) properties

About this task

In the administrative console, complete the following steps to both the s1 and s2 servers in the appCluster cluster. If you are using a different topology, complete the following steps to all of the application servers to which the EmployeeManagement application is deployed.

Procedure

  1. Click Servers > WebSphere application servers > server_name > Java and Process Management > Process definition > Java Virtual Machine.
  2. Create the following generic JVM property to set the location of the client properties file: 
    -Dobjectgrid.client.props=samples_home/security_extauth/client3.props

    When you connect to a secure data grid, you must configure the client application to provide a valid client security configuration. You can configure the client security configuration through the client application, or you can defined the configuration in a client properties file that has the same value of the JVM property, objectgrid.client.props. When you use the objectgrid.client.props property, the ObjectGridManager obtains the client security configuration from the client properties file and uses this information to connect to the data grid.

  3. Click OK and save your changes.

Lesson checkpoint

You edited the client properties file and configured the servers in the appCluster cluster to use the client properties file. This properties file indicates the CredentialGenerator implementation class to use.