Client Authentication and Authorization
The TIBCO eFTL server can use an external authentication service to authenticate and authorize its eFTL clients.
The eFTL administrator configures the authorization groups that can publish and subscribe on each channel. That is, each channel can specify two of authorization groups: one for publishing and one for subscribing. When a user runs an eFTL application, that application can publish if the user name is in the channel’s publish authorization group, and subscribe if the user name is in the channel's subscribe authorization group.
To enable authentication and authorization for a cluster of eFTL servers, see “Authorization” in Channel Details Panel.
To assign authorization groups to a channel, see Authorization.
One file configures authentication for both the realm server and the eFTL server. For an example, see the authentication configuration file in the samples directory.
- JAAS Login Modules
TIBCO eFTL server supports JAAS login modules through the TIBCO FTL realm server.