Authorization Groups
A user name may belong to several authorization groups (also known as roles). Authorization groups can be configured in either the JAAS file or the flat-file.
The following are examples of users and authorization groups defined in a flat-file with the required authorization groups for running a data grid with authentication and authorization:
- Admin User - A user for authenticating the
tibrealmadmin,
tibdg, and
tibdgproxy processes which has the
ftl-admin role and the
tibdg-internal role. . The following statement is an example:
admin: adminpw, tibdg-internal,ftl-admin,ftl
- Realm Service User - A single user with roles for authenticating the primary TIBCO FTL realm and all satellite realms. This single user facilitates switching between a backup realm service and its primary realm service, or a satellite realm service and its primary realm service. The following statement is an example:
rs: rspw, ftl-internal,ftl-admin
- tibdgadmind User - A user for authenticating the
tibdgadmind process that requires the
ftl-internal and
ftl-admin roles. The following statement is an example:
tibdgadmind: tibdgadmindpw, ftl-internal,ftl-admin
- tibdg
User - An internal
tibdg user for starting and authenticating internal grid processes like the
tibdgkeeper and
tibdgnode, which require the basic
ftl role and the
tibdg-internal role. The following statement is an example:
tibdguser: tibdguserpw, tibdg-internal,ftl
- Client SQL DDL Users - Additional users as required for ActiveSpaces clients who also have permission to execute SQL DDL statements such as CREATE TABLE. See the section on
Grid and Table Permissions. The following is an example:
user3: user3pw, tibdg-ddl,ftl
- Client Users - Additional users as required for ActiveSpaces clients. These clients only need the basic role of
ftl. The following statement is an example:
user1: user1pw, ftl user2: user2pw, ftl
- Realm Service User - use the same name and password in all authentication files used by affiliated realm services
- Admin User
- tibdg user
Related concepts
Copyright © Cloud Software Group, Inc. All rights reserved.