Setting Up Authentication for Pulsar

You can set up authentication and SSL to improve security between TIBCO BusinessEvents and Pulsar broker. You must configure a Pulsar broker and Pulsar client (TIBCO BusinessEvents) for authentication.

    Procedure

  1. Configure the Pulsar broker for a security protocol that you require for authentication.

    For more details about the steps for configuring a Pulsar broker for a security protocol, refer to the Pulsar documentation.

  2. In BusinessEvents studio, configure the Pulsar channel fields for security:
Security Protocol Procedure
mTLS

  1. Start Pulsar broker with mTLS Authentication mode. See Pulsar documentation to create the server and client certificate and to start the Pulsar broker.

  2. Select mTLS from the Security Protocol dropdown.

  3. Click Configure.

  4. Specify the configuration fields. See Pulsar Channel Configuration Properties for more information.

Note: When client certificates are not encrypted, provide any dummy password in the identity file.
JWT

  1. Generate the JWT authentication token by using the following commands:

    > bin/pulsar tokens create-secret-key --output my-secret.key
> bin/pulsar tokens create --secret-key file:///path/to/my-secret.key --subject test-user

  2. Start Pulsar broker with JWT Authentication type. See Pulsar documentation for more information.

  3. In BusinessEvents Studio, select JWT from the Security Protocol dropdown.

  4. Click Configure.

  5. Specify the generated token in the Authentication Token field.
OAuth 2

  1. Start the Pulsar broker using OAuth 2 Authentication mode. See Pulsar documentation for more information.

  2. In BusinessEvents Studio, from the Security Protocol dropdown, select OAuth 2.

  3. Click Configure.

  4. Specify the JSON configuration file path that includes type, client_id, client_secret, client_email, issuer_url parameter details.

  5. Specify Issuer and Audience URL.
HTTP Basic

  1. Start the Pulsar broker with HTTP_BASIC Authentication. See Pulsar documentation.

  2. In BusinessEvents Studio, select HTTP_BASIC from the Security Protocol dropdown.

  3. Click Configure.

  4. Create an Identity Resource for username and password fields. Specify the Identity Resource path when the HTTP_BASIC configuration dialog opens.