![]() |
Copyright © TIBCO Software Inc. All Rights Reserved |
See Creating a Security Policy File for information on how to create a security policy file.
3. Edit the settings for each security domain to define the specific security behavior desired. See Security Domain Settings for information on defining each type of security behavior.
5. Validate the security policy file using the Admin CLI. See Validating a Security Policy File for information on how to validate a security policy file.
6. If required for your transport security requirements, generate one or more security token files from the security policy file using the Admin CLI. See Security Token Files for detailed information on security token files.
8. See the ASDomainController example program for each supported programming language to see how the security API is used to connect to a metaspace using a security policy file.In general, you should require the security domain requestor to connect to a metaspace using a security token file that is generated from the security policy file. See 'Security Domain Requestors and Security Token Files for more information on security domain requestors and security token files.You generate security policy files using the Admin CLI. You then edit the settings for each security domain within the security policy file to fit your particular security needs. The following example shows the Admin CLI command to create a security policy file for a policy named mypolicy and a security domain named mydomain:as-admin> create security_policySee Chapter 2, “Administering ActiveSpaces with the Admin CLI” in the TIBCO ActiveSpaces Administration Guide for information on the define | create security_policy command.
• A private key and public certificate that security domain requestors use to verify the identity of the security domain controller when establishing transport connections with the security domain controller. See Transport Security for more information on the private key and public certificate.
• A data encryption key that is used by each node in a metaspace to encrypt data that resides in memory or is locally persisted. See Data Encryption for more information on the data encryption key.
![]() |
Copyright © TIBCO Software Inc. All Rights Reserved |