Administration guide > Operate the deployment environment > Start and stop stand-alone servers
Start and stop secure eXtreme Scale servers
Servers often need to be secure for the deployment environment, which requires specific configuration for starting and stopping.
Start a secure server in a Java SE environment
You can start a catalog service or container servers as follows.
Start a secure eXtreme Scale catalog serviceStart a secure eXtreme Scale catalog service process requires two more security configuration files:
Security descriptor XML file: The security descriptor XML file describes the security properties common to all servers (including catalog servers and container servers). One property example is the authenticator configuration which represents the user registry and authentication mechanism.Server property file. The server property file configures the security properties specific to the server.
When you use startOgServer.sh or startOgServer.cat command to start a secure eXtreme Scale catalog service process, you can use the -clusterSecurityFile or -clusterSecurityUrl to set the security descriptor XML file as a file type or URL type, and you can use –serverProps to set the server property file.
Start a secure eXtreme Scale container serverStart a secure eXtreme Scale container server requires one security configuration file:
- Server property file: The server property file configures the security properties specific to the server. Refer to the Server properties file for more details.
When you you use startOgServer.sh or startOgServer.cat command to start a secure eXtreme Scale container server, you can use –serverProps to set the server property file. There are more ways to set the server property file, refer to the server properties file for more details.
For more details on how to use the startOgServer.sh or startOgServer.bat command and its options, refer to startOgServer script.
Stop a secure eXtreme Scale server
Stop a secure eXtreme Scale catalog service process or container server requires one security configuration file:
- client property file: The client property file can be used to configure the client security properties. The client security properties are required for a client to connect to a secure server. Refer to the Client properties filefor more details.
When you use stopOgServer.sh or stopOgServer.cat command to stop a secure eXtreme Scale catalog service process or container server, you can use -clientSecurityFile to set the client security properties.
For more details on how to use the stopOgServer.sh or stopOgServer.cat command and its options, refer to stopOgServer script.
Start a secure server in WAS
Start a secure ObjectGrid server in WAS is similar to starting a non-secure ObjectGrids erver except that pass the security configuration files. Instead of using the -[PROPERTY_FILE] (for example -serverProps) in the command as in the Java™ SE environment, you use the -D[PROPERTY_FILE] in the generic Java Virtual Machine (JVM) arguments.
Start a secure catalog service in Websphere Application ServerAcatalog server contains two different levels of security information:
- -Dobjectgrid.cluster.security.xml.url: This specifies the objectGridSecurity.xml file which describes the security properties common to all servers (including catalog servers and container servers).Oneexample is the authenticator configuration which represents the user registry and authentication mechanism. The file name specified for this property should be in an URL format, such as "file:///tmp/og/objectGridSecurity.xml".
- -Dobjectgrid.server.props: This specifies the server property file which contains the server-specific security properties.The file name specified for this property is just in plain file pathformat, such as "c:/tmp/og/catalogserver.props". Note that the use of -Dobjectgrid.security.server.props is deprecated, but you can continueusing it for backward compatibility.
To start a secure catalog service in WAS, follow the "Embedded in WAS" in the Data grid security.
Next, set the security property in the generic JVM argument of the process.
-Dobjectgrid.cluster.security.xml.url=file:///tmp/og/objectGridSecurity.xml-Dobjectgrid.server.props=/tmp/og/catalog.server.props
Steps to add the generic JVM arguments are...
- Expand "System administration" on the left-side task view.
- Click on the WAS process that the catalog service is deployed on, for example, "Deployment manager".
- On the right page, expand "Java and Process Management" under "Server Infrastructure".
- Click on "Process Definition".
- Click on "Java Virtual Machine" under "Additional Properties".
- Type the properties in the Generic JVM arguments textbox.
Start a secure container server in WASA container server, when connecting to the catalog server, will get all the security configurations configured in the objectGridSecurity.xml, such as authenticator configuration or login session timeout setting. Also, a container server has to configure its own server-specific security properties in the -Dobjectgrid.server.props property.
Use -Dobjectgrid.server.props property instead of -Dobjectgrid.security.server.propsproperty because we also put other non-security related properties in this property file. The file name specified for this property is just in plain file path format, such as c:/tmp/og/server.props.
Follow the same steps as above to add the security property to the generic JVM arguments.
Parent topic:
Start and stop stand-alone servers
Related tasks