Unless clients are authenticated, access to grid data and JMX management operations that control the grid are left unprotected. This is true even if SSL is enabled in the Liberty profile.
The server properties file is loaded by referring to it in the server.xml file, as described in Authenticating eXtreme Scale server connections in the Liberty profile. For security, this file must have credentialAuthentication=Required, just as in stand-alone deployments.
Each of the configuration files is loaded by each catalog server. Container servers use the JAAS configuration file and the security deployment descriptor files only.
Use one of the following methods to authenticate clients.