Use programming interfaces to handle various aspects of
security in a WebSphere® eXtreme Scale environment.
Security API
WebSphere eXtreme
Scale adopts an open security architecture. It provides a basic security
framework for authentication, authorization, and transport security,
and requires users to implement plug-ins to complete the security
infrastructure.
Client authentication programming
For authentication, WebSphere eXtreme Scale provides a
runtime to send the credential from the client to the server side,
and then calls the authenticator plug-in to authenticate the users.
Client authorization programming WebSphere eXtreme Scale supports Java™ Authentication and Authorization
Service (JAAS) authorization that is ready to use and also supports
custom authorization using the ObjectGridAuthorization interface.
Data grid authentication
You can use the secure token manager plug-in to enable
server-to-server authentication, which requires you to implement the
SecureTokenManager interface.
Local security programming WebSphere eXtreme Scale provides several security endpoints to allow you to integrate custom
mechanisms. In the local programming model, the main security function
is authorization, and has no authentication support . You must authenticate
outside of WebSphere Application Server. However,
there are provided plug-ins to obtain and validate Subject objects.
Programming client authentication for WebSphere eXtreme Scale Client for .NET
To send credentials from the WebSphere eXtreme Scale Client for .NET to the server side,
you must implement the ICredentialGenerator and ICredential interfaces.
These interfaces generate a credential object that is passed to the
data grid and interpreted on the server side. On the server side,
the corresponding plug-in interprets the credential object.