[.net programming language only][Version 8.6.0.2 and later]

Configuring data grid security for WebSphere eXtreme Scale Client for .NET

[Version 8.6 and later] You can configure .NET and Java™ to communicate over Secure Sockets Layer (SSL) and to use the UserPassword authentication logic.

Before you begin

You must have the key.jks and trust.jks files for your environment. For more information about creating keystore and truststore files, see Java SE security tutorial - Step 6.

Procedure

Enable and configure security in your servers.
If security is not already configured on your servers, use the following steps to configure security with the external authenticator sample.
  1. Obtain the sample security files.
    Download the sample files in the security_extauth.zip file from on the WebSphere eXtreme Scale wiki.
    • xsjaas3.config : Defines the Java Authentication and Authorization Service (JAAS) configuration.
    • sampleKS3.jks Contains the keystore of JAAS user and password values.
    • security3.xml Defines the authenticator to use for security.
  2. Edit the xsjaas3.config file and fix the path to the sampleKS3.jks file.
  3. If you want to generate your own private keystore instead of using the sample sampleKS3.jks file, use the keytool utility to generate the private key. 
    keytool -genkey -alias myalias -keysize 2048 -keystore key.jks -keyalg rsa -dname 
"CN=www.mydomain.com" -storepass password -keypass password -validity 3650
  4. Edit the sampleServer.properties to enable security.
    The sampleServer.properties file is in the wxs_install_root\properties directory. Uncomment and edit the following property values: 
    securityEnabled=true
secureTokenManagerType=none 
alias=ogsample
contextProvider=IBMJSSE2
protocol=SSL
keyStoreType=JKS
keyStore=../../../../xio.test/etc/test/security/key.jks
keyStorePassword=ogpass
trustStoreType=JKS
trustStore=../../../../xio.test/etc/test/security/trust.jks
trustStorePassword=ogpass
  5. Start the catalog and container servers. 
    startXsServer.bat cs0 -catalogServiceEndPoints cs0:localhost:6600:6601 
-listenerPort 2809 -objectgridFile gettingstarted\xml\objectgrid.xml
-deploymentPolicyFile gettingstarted\xml\deployment.xml -serverProps 
..\properties\sampleServer.properties 
-clusterSecurityFile security3.xml -jvmArgs 
-Djava.security.auth.login.config="xsjaas3.config"
    startXsServer.bat c0 -catalogServiceEndPoints localhost:2809 
-objectgridFile gettingstarted\xml\objectgrid.xml
-deploymentPolicyFile gettingstarted\xml\deployment.xml -serverProps 
..\properties\sampleServer.properties 
-clusterSecurityFile security3.xml -jvmArgs 
-Djava.security.auth.login.config="xsjaas3.config"

What to do next

Configure Transport Layer Security (TLS) for WebSphere® eXtreme Scale Client for .NET. For more information, see Configuring TLS for WebSphere eXtreme Scale Client for .NET.