![]() |
Copyright © TIBCO Software Inc. All Rights Reserved |
The available settings for transport_security are:• encrypted_normal Use secure transport with 128 bit symmetric key encryption (default).• encrypted_strong Use secure transport with 256 bit symmetric key encryption.• integrity Use secure transport without encryption.
• Controllers: Nodes dedicated to enforcing a security domain's defined security behavior for a cluster associated with the security domain. Security domain controllers are the only discovery nodes in a cluster.
• Requestors Nodes that require access to the data in the DataGrid, such as a seeder or a leech, and which need to be authorized by a controller. Requestors can never be used a discovery nodes.
2.
5.
12. Enable security by make the following property true in the CDD: be.engine.cluster.as.security.enable=trueSuppose you start two nodes in a cluster called mycluster. One is inference engine and the other is a cache engine.
1. Assume that the LustenURL for the cache ( controller ) is tcp://10.98.192.101:9091 and theLustenURL for the inference ( requester ) is tcp://10.98.192.101:9090.
2. Generate the policy and token files from as_admin. Edit the metaspace_access line in both files to set the correct cluster name.
3. Also edit the line to place the listen url of the controller into the discovery= setting.
transport_access=true;cert_file=<trusted_certs_file>
7. Use the validate token_file command to validate the security token file.
![]() |
Copyright © TIBCO Software Inc. All Rights Reserved |