Administration guide > Secure the deployment environment



Security integration with external providers

To protect the data, the product can integrate with several security providers.

WebSphere eXtreme Scale can integrate with an external security implementation. This external implementation must provide authentication and authorization services for WebSphere eXtreme Scale. WebSphere eXtreme Scale has plug-in points to integrate with a security implementation.WebSphere eXtreme Scale has been successfully integrated with the following components:

eXtreme Scale uses the security provider for the following tasks:

eXtreme Scale has the following types of authorizations:

Map authorization

Clients or groups can be authorized to perform insert, read, update, evict or delete operations on maps.

ObjectGrid authorization

Clients or groups can be authorized to perform object or entity queries on objectGrids.

DataGrid agent authorization

Clients or groups can be authorized to allow DataGrid agents to be deployed to an ObjectGrid.

Server-side map authorization

Clients or groups can be authorized to replicate a server map to client side or create a dynamic index to the server map.

Administration authorization

Clients or groups can be authorized to perform administration tasks.

If you had security already enabled for the back end , remember that these security settings are no longer sufficient to protect the data. Security settings from the database or other datastore does not in any way transfer to the cache. You must separately protect the data that is now cached using the eXtreme Scale security mechanism, including authentication, authorization, and transport level security.

Restriction: Do not use a Development Kit or Runtime Environment at v1.6 and above when you are also using SSL Transport Layer security with a stand-alone configuration of WebSphere eXtreme Scale v7.1 or 7.0. v1.6 and later does not support the WebSphere eXtreme Scale v7.1 application programming interfaces. Use v1.5 or earlier for configurations requiring SSL Transport security for stand-alone eXtreme Scale installations. This restriction is only applicable when you are using SSL security in a stand-alone eXtreme Scale configuration. Version 1.6 and later is supported for non-SSL transport configurations.


Parent topic:

Secure the deployment environment


Related concepts

Security integration with WAS

Data grid authentication

Data grid security

Application client authentication

Application client authorization

Transport layer security and secure sockets layer

Java Management Extensions (JMX) security

Plan for network ports


Related tasks

Enable local security

Start and stop secure servers

Secure the REST data service

Related reference

Security descriptor XML file

objectGridSecurity.xsd file

Client properties file


Related information

Tutorial: Integrate WebSphere eXtreme Scale security with WAS

Tutorial: Integrate WebSphere eXtreme Scale security in a mixed environment with an external authenticator