Authenticating eXtreme Scale server connections in WebSphere Application Server

The eXtreme Scale servers running under WebSphere® Application Server authenticate to one another in the same way as eXtreme Scale stand-alone servers.

About this task

Three settings in the server.properties file determine how servers authenticate to one another. All of the eXtreme Scale servers in a domain, as well as all of the servers in any linked domains, must use the same values for these three properties in the server.properties file, or communication fails. See Security descriptor XML file for more information about the security properties.

Procedure

  1. Create the server properties file, and enable server-to-server authentication.
    Starting from the sample server properties file, create a server properties file that contains the securityEnabled property set to true; for example:
    securityEnabled=true
    The default value for this property is false.
  2. Establish a secure server configuration.
    One secureTokenManagerType that you can use for a secure configuration is autoSecret, which performs token encryption and signing using keys derived from the authenticationSecret. Secure tokens are used in server-to-server authentication and also for client single sign-on tokens. A value of none for secureTokenManagerType is not secure because this setting prevents the creation of encrypted tokens.

    You can also specify a setting of secureTokenManagerType=default. However, this option requires that you set up a key store and related artifacts.

  3. Specify a long and encrypted authentication secret that is difficult for others to decipher.
    Do not use the ObjectGridDefaultSecret, which is the value that is used in the sampleServer.properties file.
  4. Configure a server properties file to secure the server.
    Configure this properties file using the WebSphere Application Server administration console. Click WebSphere application servers > server_name > Java and Process Management > Process definition > Java virtual machine, and add the following generic JVM argument:
    -Dobjectgrid.server.props=<server property file name>
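
The following audit script is an added example, not part of the product documentation or IBM code. It checks a set of server properties files for the weak values named in the steps above and for mismatches between servers. The server names, the sample contents, and the simple key=value parsing are assumptions made for illustration.

```python
# Added example: audit server.properties files for the settings described above.
DEFAULT_SECRET = "ObjectGridDefaultSecret"  # sample value the page says not to use
KEYS = ("securityEnabled", "secureTokenManagerType", "authenticationSecret")

def parse_properties(text):
    """Parse simple key=value lines (assumption: no line continuations or escapes)."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":  # blank line or properties-file comment
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props

def audit(files):
    """files: {server_name: properties_text}. Returns a sorted list of findings."""
    parsed = {name: parse_properties(text) for name, text in files.items()}
    findings = []
    for name, props in parsed.items():
        if props.get("securityEnabled", "false").lower() != "true":
            findings.append(f"{name}: securityEnabled is not true (default is false)")
        if props.get("secureTokenManagerType") == "none":
            findings.append(f"{name}: secureTokenManagerType=none is not secure")
        # Only a plain-text match is detected; an encoded secret would not match.
        if props.get("authenticationSecret") == DEFAULT_SECRET:
            findings.append(f"{name}: authenticationSecret is the sample default")
    # All servers in the domain must agree; values are compared, never printed.
    for key in KEYS:
        if len({props.get(key) for props in parsed.values()}) > 1:
            findings.append(f"domain: {key} differs between servers")
    return sorted(findings)

# Constructed sample input, not taken from a real deployment.
SAMPLE = {
    "serverA": "securityEnabled=true\nsecureTokenManagerType=autoSecret\n"
               "authenticationSecret=constructed-long-secret-value\n",
    "serverB": "# copied from the sample file\nsecureTokenManagerType=none\n"
               "authenticationSecret=ObjectGridDefaultSecret\n",
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

An empty result means every file enables security, avoids the two weak values, and agrees with the others on all three properties.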
    

What to do next

Authenticating client requests in WebSphere Application Server