Securing Client-to-Proxy Communication

After creating and starting a secure data grid, set the properties of the ActiveSpaces client application that are required to connect to a secure data grid and start secure communications. The properties must be passed to the DataGrid.connect() API function. The HTTPS protocol must be used in the URL parameter to connect to a secure realm service. For details about how these properties work, see the Operations code sample at TIBCO_HOME\as\<version>\samples\src\java\Operations. The following procedure also elaborates on these properties.
Note: The installation environment of ActiveSpaces is referenced as TIBCO_HOME. For example, on Microsoft Windows, TIBCO_HOME might be C:\tibco.

Prerequisites

Ensure that you have the following information from your administrator before you begin the procedure:
  • The TIBCO FTL server trust file that was generated when setting up the secure TIBCO FTL server.
  • The correct user name and password for the ActiveSpaces client application (if the administrator set up authentication in the TIBCO FTL server).

Procedure

  1. In the URL parameter passed to DataGrid.connect() function call, use https:// for each realm URL in the list.
    When specifying a list of three TIBCO FTL servers, the URL string parameter must be as listed in this example: https://ftlsvr1:8085|https://ftlsvr2:8185|https://ftlsvr3:8285.
  2. To connect to a secure data grid, set a specific trust type in the properties passed to the DataGrid.connect() function call.
    1. Place the PEM trust file in the file system so that it can be accessed securely by the ActiveSpaces client application.
    2. In the ActiveSpaces client application, set the connection TRUST_TYPE property to the enum representing USE_SPECIFIED_TRUST_FILE.
    3. In the ActiveSpaces client application, set the TRUST_FILE property to the file system path of the trust file received by the administrator.
    The following Java code snippet is an example: 
    Properties props = new Properties(); 
props.setProperty(Connection.TIBDG_CONNECTION_PROPERTY_STRING_TRUST_TYPE, Connection.TIBDG_CONNECTION_HTTPS_CONNECTION_USE_SPECIFIED_TRUST_FILE);
props.setProperty(Connection.TIBDG_CONNECTION_PROPERTY_STRING_TRUST_FILE, trustFilePath);
DataGrid.connect(url, gridName, props);
  3. If the administrator has set up authentication in the TIBCO FTL server and provided a user name and password, then in the properties object passed to DataGrid.connect() function call, include the USERNAME and USERPASSWORD properties as shown in the following examples: 
    props.setProperty(Connection.TIBDG_CONNECTION_PROPERTY_STRING_USERNAME, username);
props.setProperty(Connection.TIBDG_CONNECTION_PROPERTY_STRING_USERPASSWORD, password);
DataGrid.connect(url, gridName, props);