The rest of the tutorial demonstrates how to enable client
authentication before connecting to an eXtreme Scale server. To prepare
for the next step of this tutorial, you need to package the SecureSimpleApp.java program
into a JAR and create a set of configuration files, which include
a security.xml file, and two JAAS configuration
files. The security.xml file lets you write authentication
into the environment, and the JAAS configuration files provide the
authentication mechanism when connecting to the server.
Procedure
- In a command line window, go to the wxs_home/applib directory
you created in Java SE security tutorial - Step 1.
- Create and compile the following SecureSimpleApp.java class:
Attention: In the following example, some lines
of code are continued on the next line for publication purposes.
SecureSimpleApp.java
package com.ibm.websphere.objectgrid.security.sample.guide;
import com.ibm.websphere.objectgrid.ClientClusterContext;
import com.ibm.websphere.objectgrid.ObjectGrid;
import com.ibm.websphere.objectgrid.ObjectGridManager;
import com.ibm.websphere.objectgrid.ObjectGridManagerFactory;
import com.ibm.websphere.objectgrid.security.config.ClientSecurityConfiguration;
import com.ibm.websphere.objectgrid.security.config.ClientSecurityConfigurationFactory;
import com.ibm.websphere.objectgrid.security.plugins.CredentialGenerator;
import com.ibm.websphere.objectgrid.security.plugins.builtins.UserPasswordCredentialGenerator;
public class SecureSimpleApp extends SimpleApp {
public static void main(String[] args) throws Exception {
SecureSimpleApp app = new SecureSimpleApp();
app.run(args);
}
/**
* Get the ObjectGrid
* @return an ObjectGrid instance
* @throws Exception
*/
protected ObjectGrid getObjectGrid(String[] args) throws Exception {
ObjectGridManager ogManager = ObjectGridManagerFactory.getObjectGridManager();
ogManager.setTraceFileName("logs/client.log");
ogManager.setTraceSpecification("ObjectGrid*=all=enabled:ORBRas=all=enabled");
// Creates a ClientSecurityConfiguration object using the specified file
ClientSecurityConfiguration clientSC = ClientSecurityConfigurationFactory
.getClientSecurityConfiguration(args[0]);
// Creates a CredentialGenerator using the passed-in user and password.
CredentialGenerator credGen = new UserPasswordCredentialGenerator(args[1], args[2]);
clientSC.setCredentialGenerator(credGen);
// Create an ObjectGrid by connecting to the catalog server
ClientClusterContext ccContext = ogManager.connect("localhost:2809", clientSC, null);
ObjectGrid og = ogManager.getObjectGrid(ccContext, "accounting");
return og;
}
}
- Ensure your development environment contains the ogclient.jar file
in the classpath. For more information, see the Programming Guide.
- Compile the package with these files and name the JAR sec_sample.jar.
- Change to the wxs_home directory.
- Create a directory called security.
- Create a configuration file called security.xml.
Server security properties are specified in this file. These properties
are common for both catalog servers and container servers.
security.xml
<?xml version="1.0" encoding="UTF-8"?>
<securityConfig xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://ibm.com/ws/objectgrid/config/security ../objectGridSecurity.xsd"
xmlns="http://ibm.com/ws/objectgrid/config/security">
<security securityEnabled="true" loginSessionExpirationTime="300" >
<authenticator className ="com.ibm.websphere.objectgrid.security.plugins.builtins.KeyStoreLoginAuthenticator">
</authenticator>
</security>
</securityConfig>