Program for security
Use programming interfaces to handle various aspects of security in a WebSphere eXtreme Scale environment.
- Security API
WebSphere eXtreme Scale adopts an open security architecture. It provides a basic security framework for authentication, authorization, and transport security, and requires users to implement plug-ins to complete the security infrastructure.
- Client authentication programming
For authentication, WebSphere eXtreme Scale provides a runtime to send the credential from the client to the server side, and then calls the authenticator plug-in to authenticate the users.
- Client authorization programming
WebSphere eXtreme Scale supports Java Authentication and Authorization Service (JAAS) authorization out-of-the-box and also supports custom authorization using the ObjectGridAuthorization interface.
- Data grid authentication
Use the secure token manager plug-in to enable server-to-server authentication, which requires you to implement the SecureTokenManager interface.
- Local security
WebSphere eXtreme Scale provides several security endpoints to allow you to integrate custom mechanisms. In the local programming model, the main security function is authorization, and has no authentication support . You must authenticate outside of WAS. However, there are provided plug-ins to obtain and validate Subject objects.
Related concepts
Program with system APIs and plug-ins
Program for administrative tasks
Performance considerations for application developers
Related tasks
Access data with client applications
Access data with the REST data service
Program for Spring integration
Secure the deployment environment
Related reference
Related information