Starting Security Domain Controllers

Prerequisites

Make sure that the paths to the required system variables are set. Identify a process appropriate for using as a security domain controller. The security domain controller should be a process which is expected to remain running for the life of a metaspace. It is recommended to use as-agent for this purpose because the overhead of the domain controller is relatively low. Also, in high availability configurations, where more than one controller with identical policy files is used, you can have one as-agent per system configured as a domain controller.
Note: Remember that a security domain requestor is any client process trying to join a secure metaspace that is not already a security domain controller.

Procedure

  1. See the TIBCO ActiveSpaces Installation document for information on setting the environment variables.
  2. Make sure that you have a valid policy file for the domain.
  3. Start an as-agent as a domain controller: 
    as-agent -security_policy ’mypolicy.txt’ -metaspace ’ms’ 
-member_name ’secure1’ -listen ’tcp://127.0.0.1:50000’
    Note: When you set up a domain controller, make sure that the -listen parameter is explicitly set to one (or more) of the URLs IP:PORT included in the discovery URL that is in the policy file. If the discovery URL does not have a port associated with it, the port number of the listen URL must be explicitly set to 50000.
Related tasks
Related reference