Program guide >
Program for security
Use programming interfaces to handle various aspects of security in a WebSphere eXtreme Scale environment.
- Security API
WebSphere eXtreme Scale adopts an open security architecture. It provides a basic security framework for authentication, authorization, and transport security, and requires users to implement plug-ins to complete the security infrastructure.
- Client authentication programming
For authentication, WebSphere eXtreme Scale provides a runtime to send the credential from the client to the server side, and then calls the authenticator plug-in to authenticate the users.
- Client authorization programming
WebSphere eXtreme Scale supports Java Authentication and Authorization Service (JAAS) authorization out-of-the-box and also supports custom authorization using the ObjectGridAuthorization interface.
- Data grid authentication
Use the secure token manager plug-in to enable server-to-server authentication, which requires you to implement the SecureTokenManager interface.
- Local security
WebSphere eXtreme Scale provides several security endpoints to allow you to integrate custom mechanisms. In the local programming model, the main security function is authorization, and has no authentication support . You must authenticate outside of WAS. However, there are provided plug-ins to obtain and validate Subject objects.
Program with system APIs and plug-ins
Program for administrative tasks
Program for JPA integration
Performance considerations for application developers
Plan to develop applications
Access data with client applications
Access data with the REST data service
Program for Spring integration
Secure the deployment environment