Copyright © Cloud Software Group, Inc. All Rights Reserved
Copyright © Cloud Software Group, Inc. All Rights Reserved


Chapter 4 Implementing ActiveSpaces Security : Security Domain Requestors
Security Domain Requestors
A security domain requestor is a TIBCO ActiveSpaces node that requests security services from a security domain controller for a metaspace. Typically, a security domain requestor is just a normal TIBCO ActiveSpaces application that uses the security API when connecting to a metaspace associated with a security domain.
The security domain settings in the security policy file for the security domain controller define the security applied to a security domain requestor.
Depending on your application’s security requirements, the application might be required to connect to a metaspace using a security token file that has been generated from a security policy file. Consider requiring a security token file when a security domain requestor connects to a metaspace to ensure:
Security domain requestors are restricted to connecting to specified metaspaces.
The identity of security domain controllers the security domain requestor tries to connect to.
The identity of security domain requestors when establishing secure transport connections.
Only certain security domain requestors are allowed to connect to a metaspace.
See Security Token Files for more information on how connecting to a metaspace with a security token file can affect a security domain requestor.
Connecting to a Metaspace Without Using a Security Token File
A a security domain requestor can also connect to a metaspace without specifying a security token file. In this scenario, an empty string (“none”) is used as the name of the security token file when connecting to the metaspace.
When a security domain requestor does not use a security token file, the following occurs:
Connections to any metaspace in any security domain are allowed.
A transport security level of encrypted_normal is used by default.
If the security domain's transport security level is encrypted_strong, the security domain requestor's transport security level is automatically upgraded to encrypted_strong.
See Transport Security for more information on transport security levels.
Copyright © Cloud Software Group, Inc. All Rights Reserved
Copyright © Cloud Software Group, Inc. All Rights Reserved