Administration guide > Secure the deployment environment > Tutorial: Integrate WebSphere eXtreme Scale security with WAS
Secure the deployment environment > Tutorial: Integrate WebSphere eXtreme Scale security with WAS >
Module 2: Configure WebSphere eXtreme Scale to use WAS Authentication plug-ins
After you have created the WAS configuration, you can integrate WebSphere eXtreme Scale authentication with WAS.
When a WebSphere eXtreme Scale client connects to a container server that requires authentication, the client must provide a credential generator represented by the com.ibm.websphere.objectgrid.security.plugins.CredentialGenerator interface. A credential generator is a factory to create a client credential. A client credential can be: a user name and password pair, a Kerberos ticket, a client certificate, or client identification data in any format that the client and server agree upon. See the Credential API documentation for more details. In this sample, the WebSphere eXtreme Scale client is the EmployeeManagment web application that is deployed in the appCluster cluster. The client credential is a WebSphere security token that represents the web user identity.
Learning objectives
With the lessons in this module, you learn how to:
- Configure client server security.
- Configure catalog server security.
- Configure container server security.
- Install and run the sample application.
Time required
This module takes approximately 60 minutes.
Lessons in this module
- Lesson 2.1: Configure client server security
The client properties file indicates the CredentialGenerator implementation class to use.
- Lesson 2.2: Configure catalog server security
A catalog server contains two different levels of security information: The security properties that are common to all the WebSphere eXtreme Scale servers, including the catalog service and container servers, and the security properties that are specific to the catalog server.
- Lesson 2.3: Configure container server security
When a container server connects to the catalog service, the container server gets all the security configurations that are configured in the Object Grid Security XML file, such as authenticator configuration, the login session timeout value, and other configuration information. A container server also has its own server-specific security properties in the server property file.
- Lesson 2.4: Install and run the sample
After authentication is configured, you can install and run the sample application.
Related information
Lesson 2.1: Configure client server security
Lesson 2.2: Configure catalog server security