The introduction of a Domain Manager does not alter the TIBCO BusinessEvents® Extreme security model, but it does introduce some additional configuration requirements on the administrative domain. Administrative commands issued to managed nodes through a domain manager must use one of these authentication mechanisms:
the principal and credential provided to the administrative command must be defined on both the domain manager node and the target managed node(s) for the command.
the target managed node(s) must have the domain manager host defined as a trusted host (see the section called “Trusted Hosts”).
The choice of authentication mechanism is dependent on local security polices and whether the application is deployed into a trusted network. For example, the use of trusted host authentication would not be appropriate on an untrusted network.
Figure 5.2, “Common principal and credential authentication policy” shows the use of common principal and credential information in an administrative domain.
