You can configure .NET and Java™ to communicate over Secure Sockets Layer
(SSL) and to use the UserPassword authentication logic.
Before you begin
You must have the key.jks and trust.jks files
for your environment. For more information about
creating keystore and truststore files, see Java SE security tutorial - Step 6.
Procedure
Enable and configure security in your servers. If
security is not already configured on your servers, use the following
steps to configure security with the external authenticator sample.
- Obtain the sample security files.
Download
the sample files in the
security_extauth.zip file
from on the
WebSphere eXtreme Scale wiki.
- xsjaas3.config : Defines the Java Authentication and Authorization Service
(JAAS) configuration.
- sampleKS3.jks Contains the keystore of JAAS
user and password values.
- security3.xml Defines the authenticator to
use for security.
- Edit the xsjaas3.config file and
fix the path to the sampleKS3.jks file.
- If you want to generate your own private keystore instead
of using the sample sampleKS3.jks file, use the keytool utility
to generate the private key.
keytool -genkey -alias myalias -keysize 2048 -keystore key.jks -keyalg rsa -dname
"CN=www.mydomain.com" -storepass password -keypass password -validity 3650
- Edit the sampleServer.properties to
enable security.
The
sampleServer.properties file
is in the
wxs_install_root\properties directory.
Uncomment and edit the following property values:
securityEnabled=true
secureTokenManagerType=none
alias=ogsample
contextProvider=IBMJSSE2
protocol=SSL
keyStoreType=JKS
keyStore=../../../../xio.test/etc/test/security/key.jks
keyStorePassword=ogpass
trustStoreType=JKS
trustStore=../../../../xio.test/etc/test/security/trust.jks
trustStorePassword=ogpass
- Start the catalog and container servers.
startXsServer.bat cs0 -catalogServiceEndPoints cs0:localhost:6600:6601
-listenerPort 2809 -objectgridFile gettingstarted\xml\objectgrid.xml
-deploymentPolicyFile gettingstarted\xml\deployment.xml -serverProps
..\properties\sampleServer.properties
-clusterSecurityFile security3.xml -jvmArgs
-Djava.security.auth.login.config="xsjaas3.config"
startXsServer.bat c0 -catalogServiceEndPoints localhost:2809
-objectgridFile gettingstarted\xml\objectgrid.xml
-deploymentPolicyFile gettingstarted\xml\deployment.xml -serverProps
..\properties\sampleServer.properties
-clusterSecurityFile security3.xml -jvmArgs
-Djava.security.auth.login.config="xsjaas3.config"
What to do next
Configure Transport Layer Security (TLS) for WebSphere® eXtreme Scale
Client for .NET. For more information,
see Configuring TLS for WebSphere eXtreme Scale Client for .NET.