Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 4 Implementing ActiveSpaces Security : Restricting Transport Access

Restricting Transport Access
TIBCO ActiveSpaces security allows you to restrict transport connections within a security domain to only “trusted” nodes.
To restrict transport connections within a security domain:
1.
2.
Go to the line that reads transport_access=false;cert_file=
3.
transport_access=true;cert_file=<trusted_certs_file>
where trusted_certs_file is the filename for a trusted certificate file that you will create in step 8.
4.
5.
Use the validate policy_file Admin CLI command to validate the security policy file.
6.
as-admin> create security_token
domain_name "mydomain"
policy_file "mypolicy.txt"
create_identity
token_file "mytoken.txt"
7.
Use the validate token_file Admin CLI command to validate the security token file.
8.
9.
The public certificate is everything in the security token file between and including
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
10.
11.
Metaspace communication within the security domain is now restricted to only security domain controllers and security domain requestors that connect to the metaspace using a security token file whose public certificate is contained in the trusted certificates file.

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved