To protect your WebSphere® eXtreme Scale data, eXtreme Scale can integrate with
several security providers.
WebSphere eXtreme Scale can integrate
with an external security implementation. This external implementation
must provide authentication and authorization services for
eXtreme Scale.
eXtreme Scale has plug-in points
to integrate with a security implementation. WebSphere
eXtreme Scale has been successfully
integrated with the following components:
- Lightweight Directory Access Protocol (LDAP)
- Kerberos
- ObjectGrid security
- Tivoli® Access Manager
- Java™ Authentication and
Authorization Service (JAAS)
eXtreme Scale uses the security
provider for the following tasks:
- Authenticating clients to servers.
- Authorizing clients to access certain eXtreme Scale artifacts or to specify
what can be done with eXtreme Scale artifacts.
eXtreme Scale has the following
types of authorizations:
- Map authorization
- Clients or groups can be authorized to perform insert, read, update,
evict or delete operations on maps.
- ObjectGrid authorization
- Clients or groups can be authorized to perform object or entity
queries on object grids.
- DataGrid agent authorization
- Clients or groups can be authorized to allow DataGrid agents to
be deployed to an ObjectGrid.
- Server-side map authorization
- Clients or groups can be authorized to replicate a server map
to client side or create a dynamic index to the server map.
- Administration authorization
- Clients or groups can be authorized to perform administration
tasks.
Note: If you had security already enabled for your
back end , remember that these security settings are no longer sufficient
to protect your data. Security settings from your database or other
datastore does not in any way transfer to your cache. You must separately
protect the data that is now cached using the eXtreme Scale security mechanism,
including authentication, authorization, and transport level security.