Configure Shared Resource

A policy file requires a configured shared resource.

You may configure an appropriate shared resource before you can create a policy. The table Types of Security Shared ResourcesTable Types of Security Shared Resources lists the types of shared resources types used by different policies. You must use an appropriate shared resource properties file to create the policy. See Policy And Shared Resource Property File. For example, to create authentication policy to authenticate an username against LDAP server, you must register the LDAP shared resource property file. Types of Security Shared ResourcesType Description LDAP LDAP authentication shared resource provides the ability to authenticate a username and password against an LDAP server. Trust Identity The Trust Identity Provider is used for retrieving certificates required for performing trust operations from a credential store. For example, use Trust identity provider (TIP) for verifying signature or encryption and SSL client authentication. Subject Identity The Subject Identity Provider is used for retrieving and using private credentials obtained from a credential store. For example, use Subject identity provider (SIP) for signing or decryption. WSS WS security authentication provider is used as a combination of LDAP, Trust Identity Provider(TIP), and Subject Identity Provider(SIP). Note: WSS shared resource is a combination of LDAP authentication, Trust Identity and Subject Identity Providers. Depending on the usage of shared resource, WSS can be configured to include one or more types of shared resource that it is used for. Trust Identity Provider (TIP) and Subject Identity Provider (SIP) depends on Keystore Credential Provider (KCP), so TIP and SIP always include an associated KCP. explains the types of shared resources supported by TIBCO API Exchange Gateway product.

To configure a shared resource, perform the following steps:

Define Shared Resource Properties File

This section explains how to define the properties files required for the shared resource configuration.

TIBCO API Exchange Gateway provides the sample configuration file for the shared resources for each of the security type profile. It is good practice to use the sample files as templates and edit the properties as per your requirement. See Shared Resources Properties for details of properties for each supported shared resource.

Sample Files

Note:
  • The property files for various supported shared resources are located under this directory: ASG_CONFIG_HOME/default/security/resource