Establishing a security context

After initializing the administration API, we must create an SSL connection between the Java™ application and the ISAM policy server.

This connection is referred to as a security context by the administration API. The security context provides for the secure transfer of administrative requests and data between the Java application and the policy server.

A security context can be established using either user ID and password-based authentication or certificate-based authentication. In either case, the security context is represented by the PDContext object. Multiple PDContext objects can be created and used within the same JVM.

PDContext creation is a resource exhaustive operation. Although there is no upper limit to creating multiple PDContext objects, system resource limitation eventually determines how many can be successfully created and used. Create and pool only a few PDContext objects in the application environment.

The close() method provided in the PDContext class is used only to clean up the logger data associated with the context. The close() method but does not destroy the context.

For more Information about Java authentication classes and methods, see the IBM Security Verify Access for Web: Authorization Java Classes Developer Reference.

• User ID and password-based authentication
  This section describes the information you need to establish a security context with user ID and password authentication.
• Certificate-based authentication
  This section describes the information you need to establish a security context with certificate-based authentication.

Parent topic: Use the administration API