Module 2: Configure WebSphere eXtreme Scale to use WebSphere Application Server Authentication plug-ins

After you have created the WebSphere® Application Server configuration, you can integrate WebSphere eXtreme Scale authentication with WebSphere Application Server.

When a WebSphere eXtreme Scale client connects to a container server that requires authentication, the client must provide a credential generator represented by the com.ibm.websphere.objectgrid.security.plugins.CredentialGenerator interface. A credential generator is a factory to create a client credential. A client credential can be: a user name and password pair, a Kerberos ticket, a client certificate, or client identification data in any format that the client and server agree upon. See the Credential API documentation for more details. In this sample, the WebSphere eXtreme Scale client is the EmployeeManagment web application that is deployed in the appCluster cluster. The client credential is a WebSphere security token that represents the web user identity.

Learning objectives

With the lessons in this module, you learn how to:
  • Configure client server security.
  • Configure catalog server security.
  • Configure container server security.
  • Install and run the sample application.

Time required

This module takes approximately 60 minutes.
  • Lesson 2.1: Configure client server security
    The client properties file indicates the CredentialGenerator implementation class to use.
  • Lesson 2.2: Configure catalog server security
    A catalog server contains two different levels of security information: The security properties that are common to all the WebSphere eXtreme Scale servers, including the catalog service and container servers, and the security properties that are specific to the catalog server.
  • Lesson 2.3: Configure container server security
    When a container server connects to the catalog service, the container server gets all the security configurations that are configured in the Object Grid Security XML file, such as authenticator configuration, the login session timeout value, and other configuration information. A container server also has its own server-specific security properties in the server property file.
  • Lesson 2.4: Install and run the sample
    After authentication is configured, you can install and run the sample application.
Related referenceClient properties fileYou can create a properties file based on your requirements for WebSphere eXtreme Scale client processes. Server properties fileThe server properties file contains several properties that define different settings for your server, such as trace settings, logging, and security configuration. The server properties file is used by both catalog service and container servers in both stand-alone servers and servers that are hosted in WebSphere Application Server.Related informationLesson 2.1: Configure client server securityThe client properties file indicates the CredentialGenerator implementation class to use. Credential API documentationLesson 2.2: Configure catalog server securityA catalog server contains two different levels of security information: The security properties that are common to all the WebSphere eXtreme Scale servers, including the catalog service and container servers, and the security properties that are specific to the catalog server.