Client Authentication and Authorization
TIBCO eFTL services can use an external authentication service to authenticate and authorize eFTL clients.
The eFTL administrator configures the authorization groups that can publish and subscribe on each channel. That is, each channel can specify two of authorization groups: one for publishing and one for subscribing. When a user runs an eFTL application, that application can publish if the user name is in the channel’s publish authorization group, and subscribe if the user name is in the channel's subscribe authorization group.
To enable authentication and authorization for a cluster of eFTL services, see “Authorization” in Channel Details Panel.
To assign authorization groups to a channel, see Authorization.
One file configures authentication for both the FTL servers and the eFTL services. For an example, see the authentication configuration file in the samples directory.
- JAAS Login Modules
TIBCO eFTL services support JAAS login modules through the TIBCO FTL server.