Configuring IBM WebSphere DataPower XC10 Appliance user interface security
Much of the security functionality offered by WebSphere DataPower XC10 Appliance is
built into the construction of the appliance. Additional security
settings are included to provide additional security options for your
environment.
Managing users and groups
Users and user groups are provided so that you can manage
the level of access for each individual to your WebSphere DataPower XC10 Appliance. You can use user groups to apply permissions to groups of
users.
Enabling security for data grids
After you create your data grids, the security of the data grid is disabled by default.
You can change the security settings for a data grid to restrict access to
a certain user or group of users.
Configuring TLS for data grid applications
You can configure Transport Layer Security
(TLS) by modifying or replacing the keystore and truststore, and choosing
the certificate alias for your configuration.
REST gateway: Security configuration
To access a data grid through the REST gateway, the user
must be authenticated to the WebSphere DataPower XC10 Appliance,
regardless of whether the data grid has security enabled. The application
client must always provide a basic authorization header with the authorized
user ID and password in the HTTP headers of the HTTP request. To access
data grids through the REST gateway, provide the user ID and password
in an authorization header.