Configuring IBM WebSphere DataPower XC10 Appliance user interface security
Much of the security functionality offered by WebSphere DataPower XC10 Appliance is built into the construction of the appliance. Additional security
settings are included to provide additional security options for your
environment.
Managing users and groups
Users and user
groups are provided so that you can manage
the level of access for each individual to your WebSphere DataPower XC10 Appliance.
You can use user groups to apply permissions to groups of users.
Enabling security for data grids
After you create your data grids, the security of the data grid is disabled by default.
You can change the security settings for a data grid to restrict access to
a certain user or group of users.
Configuring TLS for data grid applications
You can configure Transport Layer Security
(TLS) by modifying or replacing the keystore and truststore, and choosing
the certificate alias for your configuration.
REST gateway: Security configuration
To access a data grid through the REST gateway, the user
must be authenticated to the WebSphere DataPower XC10 Appliance, regardless of whether the data grid has security enabled.
The application client must always provide a basic authorization header
with the authorized user ID and password in the HTTP headers of the
HTTP request. To access data grids through the REST gateway, provide
the user ID and password in an authorization header.