The rest of the tutorial demonstrates how to enable client authentication before
connecting to an eXtreme Scale server. To prepare for the next
step of this tutorial, you need to package the SecureSimpleApp.java program
into a JAR and create a set of configuration files, which include a
security.xml file, and two JAAS configuration files. The
security.xml file lets you write authentication into the environment, and the
JAAS configuration files provide the authentication mechanism when connecting to the
server.
Procedure
- In a command line window, go to the wxs_home/applib directory you created in Java SE security tutorial - Step 1.
- Create and compile the following SecureSimpleApp.java class:
Attention: In the following example, some lines of code are continued on the next line
for publication purposes.
SecureSimpleApp.java
package com.ibm.websphere.objectgrid.security.sample.guide;
import com.ibm.websphere.objectgrid.ClientClusterContext;
import com.ibm.websphere.objectgrid.ObjectGrid;
import com.ibm.websphere.objectgrid.ObjectGridManager;
import com.ibm.websphere.objectgrid.ObjectGridManagerFactory;
import com.ibm.websphere.objectgrid.security.config.ClientSecurityConfiguration;
import com.ibm.websphere.objectgrid.security.config.ClientSecurityConfigurationFactory;
import com.ibm.websphere.objectgrid.security.plugins.CredentialGenerator;
import com.ibm.websphere.objectgrid.security.plugins.builtins.UserPasswordCredentialGenerator;
public class SecureSimpleApp extends SimpleApp {
public static void main(String[] args) throws Exception {
SecureSimpleApp app = new SecureSimpleApp();
app.run(args);
}
/**
* Get the ObjectGrid
* @return an ObjectGrid instance
* @throws Exception
*/
protected ObjectGrid getObjectGrid(String[] args) throws Exception {
ObjectGridManager ogManager = ObjectGridManagerFactory.getObjectGridManager();
ogManager.setTraceFileName("logs/client.log");
ogManager.setTraceSpecification("ObjectGrid*=all=enabled:ORBRas=all=enabled");
// Creates a ClientSecurityConfiguration object using the specified file
ClientSecurityConfiguration clientSC = ClientSecurityConfigurationFactory
.getClientSecurityConfiguration(args[0]);
// Creates a CredentialGenerator using the passed-in user and password.
CredentialGenerator credGen = new UserPasswordCredentialGenerator(args[1], args[2]);
clientSC.setCredentialGenerator(credGen);
// Create an ObjectGrid by connecting to the catalog server
ClientClusterContext ccContext = ogManager.connect("localhost:2809", clientSC, null);
ObjectGrid og = ogManager.getObjectGrid(ccContext, "accounting");
return og;
}
}
- Ensure your development environment contains the ogclient.jar file
in the classpath. For more information, see the Programming Guide.
- Compile the package with these files and name the JAR
sec_sample.jar.
- Change to the wxs_home directory.
- Create a directory called security.
- Create a configuration file called security.xml. Server security
properties are specified in this file. These properties are common for both catalog servers and
container servers.
security.xml
<?xml version="1.0" encoding="UTF-8"?>
<securityConfig xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://ibm.com/ws/objectgrid/config/security ../objectGridSecurity.xsd"
xmlns="http://ibm.com/ws/objectgrid/config/security">
<security securityEnabled="true" loginSessionExpirationTime="300" >
<authenticator className ="com.ibm.websphere.objectgrid.security.plugins.builtins.KeyStoreLoginAuthenticator">
</authenticator>
</security>
</securityConfig>