Example Security Token File

The security token file, example_token.txt, was created from the example security policy file by using the following Admin CLI command:

as-admin> create security_token domain_name "exdomain" policy_file 
"example_policy.txt" token_file "exdomain_token.txt"

This generates a security token file named exdomain_token.txt, which is based upon the security settings for the security domain named exdomain in the security policy file .xample_policy.txt. The example security token file contains a copy of the following from the security policy file:

• The metaspace access list. This restricts the metaspaces that can be connected to using this security token file.
• The transport security setting. This determines the type of security to be applied when making transport connections within a metaspace.
• The public certificate of the security domain. This is used to establish a secure transport connection with the security domain controller.

This security token file can be used by the examples to connect to a security domain controller for the default metaspace named ms. A connection to the security domain controller for a metaspace is established when an example tries to connect to the metaspace using the example security token file.

The security domain controller for the ms metaspace takes care of ensuring that security is applied to any example that connects to the metaspace using the example security token file. Other than using a security token file when connecting to a metaspace, there is nothing else that an application needs to do to have security applied to it, unless the default mechanism for obtaining user credentials for user authentication is not desired.

See ASUserAuthenticator for an example of how to use the security API callback mechanism to override how user credentials can be retrieved for user authentication.