Start and stop secure eXtreme Scale servers

WebSphere eXtreme Scale Administration Guide > Secure the deployment environment

Start and stop secure eXtreme Scale servers

Servers often need to be secure for the deployment environment, which requires specific configuration for starting and stopping.

Start a secure server in a Java SE environment

You can start a catalog service or container servers as follows.

Start a secure eXtreme Scale catalog service
Start a secure eXtreme Scale catalog service process requires two more security configuration files:

Security descriptor XML file: The security descriptor XML file describes the security properties common to all servers (including catalog servers and container servers). One property example is the authenticator configuration which represents the user registry and authentication mechanism.
Server property file. The server property file configures the security properties specific to the server.
When you use startOgServer.sh or startOgServer.cat command to start a secure eXtreme Scale catalog service process, you can use the -clusterSecurityFile or -clusterSecurityUrl to set the security descriptor XML file as a file type or URL type, and you can use –serverProps to set the server property file.

Start a secure eXtreme Scale container server
Start a secure eXtreme Scale container server requires one security configuration file:

Server property file: The server property file configures the security properties specific to the server. Refer to the Server properties file for more details.

When you you use startOgServer.sh or startOgServer.cat command to start a secure eXtreme Scale container server, you can use –serverProps to set the server property file. There are more ways to set the server property file, refer to the server properties file for more details.
For more details on how to use the startOgServer.sh or startOgServer.bat command and its options, refer to startOgServer script.

Stop a secure eXtreme Scale server

Stop a secure eXtreme Scale catalog service process or container server requires one security configuration file:

client property file: The client property file can be used to configure the client security properties. The client security properties are required for a client to connect to a secure server. Refer to the Client properties filefor more details.

When you use stopOgServer.sh or stopOgServer.cat command to stop a secure eXtreme Scale catalog service process or container server, you can use -clientSecurityFile to set the client security properties.
For more details on how to use the stopOgServer.sh or stopOgServer.cat command and its options, refer to stopOgServer script.

Start a secure server in WebSphere Application Server

Start a secure ObjectGrid server in WebSphere Application Server is similar to starting a non-secure ObjectGrids erver except that you need to pass the security configuration files. Instead of using the -[PROPERTY_FILE] (for example -serverProps) in the command as in the Java™ SE environment, you use the -D[PROPERTY_FILE] in the generic Java Virtual Machine (JVM) arguments.

Start a secure catalog service in Websphere Application Server
Acatalog server contains two different levels of security information:

-Dobjectgrid.cluster.security.xml.url: This specifies the objectGridSecurity.xml file which describes the security properties common to all servers (including catalog servers and container servers).Oneexample is the authenticator configuration which represents the user registry and authentication mechanism. The file name specified for this property should be in an URL format, such as "file:///tmp/og/objectGridSecurity.xml".
-Dobjectgrid.server.props: This specifies the server property file which contains the server-specific security properties.The file name specified for this property is just in plain file pathformat, such as "c:/tmp/og/catalogserver.props". Note that the use of -Dobjectgrid.security.server.props is deprecated, but you can continueusing it for backward compatibility.

To start a secure catalog service in WebSphere Application Server, follow the "Embedded in WebSphere Application Server" in the Grid security.
Next, set the security property in the generic JVM argument of the process.
-Dobjectgrid.cluster.security.xml.url=file:///tmp/og/objectGridSecurity.xml-Dobjectgrid.server.props=/tmp/og/catalog.server.props
Steps to add the generic JVM arguments are as follows:

Expand "System administration" on the left-side task view.
Click on the WebSphere Application Server process that the catalog service is deployed on, for example, "Deployment manager".
On the right page, expand "Java and Process Management" under "Server Infrastructure".
Click on "Process Definition".
Click on "Java Virtual Machine" under "Additional Properties".
Type the properties in the Generic JVM arguments textbox.

Start a secure container server in WebSphere Application Server
A container server, when connecting to the catalog server, will get all the security configurations configured in the objectGridSecurity.xml, such as authenticator configuration or login session timeout setting. Also, a container server has to configure its own server-specific security properties in the -Dobjectgrid.server.props property.
You must use -Dobjectgrid.server.props property instead of -Dobjectgrid.security.server.propsproperty because we also put other non-security related properties in this property file. The file name specified for this property is just in plain file path format, such as c:/tmp/og/server.props.
Follow the same steps as above to add the security property to the generic JVM arguments.

Parent topic
Secure the deployment environment

Related tasks

Start stand-alone WebSphere eXtreme Scale servers
Start a stand-alone catalog service
Start container processes
Related reference

startOgServer script
Logs and trace

+
Search Tips | Advanced Search