Creating a Security Token

A token is an optional configuration file that can be deployed on nodes that have access to or create secured ActiveSpaces resources. The token is created from the security parameter values set in a specified policy file.

If a token is not used, the keyword “none” is provided for the token file location. In that case, requestors trust any controller, and they cannot connect to a secured metaspace where transport-level authentication is required.

When you create a token, you can specify that it is encrypted. In this case, a requestor can be started only if the password is typed when the node starts.

Procedure

  1. Create a policy file and set the policy parameters required for a token.
  2. Run the create security_token command to create a token file.

    The create security_token command has the following syntax:

    define | create security_token domain_name <string>
        policy_file <string> [create_identity [common_name <string>]
        [encrypt <boolean>][validity_days <integer>]] token_file <string>

    For a complete description of the create security_token command, see define create security_token.

    For example:

    as-admin> create security_token
        domain_name "mydomain"
        policy_file "mypolicy.txt"
        token_file "mytoken.txt"
  3. Copy the token file to requestor nodes as needed.
  4. Verify OS-level access privileges on the security tokens.
    Attention: When using security, the Discovery URL is set in both the policy and token files. Members using either the policy or the token file should not explicitly specify the Discovery URL in the command line parameters of the as-admin agent.
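
One way to carry out step 4 on a Linux requestor node, as an added example that is not part of the original documentation: a shell function that flags a token file that group or other can access, that is owned by an unexpected account, or that sits in a directory others can write to. It assumes GNU coreutils `stat`; the function name `check_token_perms` and the owner-only policy are assumptions of this example, not ActiveSpaces requirements.

```shell
#!/bin/sh
# Added example: audit OS-level access on a deployed token file.
# Assumes Linux with GNU coreutils stat. The expected owner defaults to the
# current user; pass the uid of the account that runs the member process.

# check_token_perms FILE [EXPECTED_UID]
# Prints one line per finding. Returns 0 when the file passes, 1 otherwise.
check_token_perms() {
    f=$1
    want_uid=${2:-$(id -u)}
    rc=0

    if [ -L "$f" ] || [ ! -f "$f" ]; then
        echo "FAIL $f: not a regular file (missing, symlink, or special)"
        return 1
    fi

    mode=$(stat -c '%a' "$f")      # octal permission bits, e.g. 600
    uid=$(stat -c '%u' "$f")       # numeric owner
    dir=$(dirname -- "$f")
    dmode=$(stat -c '%a' "$dir")

    # Group and other must have no access to the token itself.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "FAIL $f: mode $mode grants group/other access"
        rc=1
    fi
    # The token must belong to the expected account.
    if [ "$uid" != "$want_uid" ]; then
        echo "FAIL $f: owned by uid $uid, expected $want_uid"
        rc=1
    fi
    # A directory writable by group/other lets them replace the file.
    if [ $(( 0$dmode & 022 )) -ne 0 ]; then
        echo "FAIL $dir: mode $dmode is writable by group/other"
        rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK   $f: mode $mode, uid $uid"
    return "$rc"
}

# Audit every path given on the command line, e.g. ./check.sh mytoken.txt
status=0
for t in "$@"; do check_token_perms "$t" || status=1; done
[ "$status" -eq 0 ] || exit 1
```

Run it on each node after copying the token in step 3; a non-zero exit status means at least one token file needs its ownership or mode corrected.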