Developing Secure Applications

For security, application developers focus on the realm connect call and its arguments. Complete this task, or use its steps as a checklist.

Prerequisites

The application developer and administrators have already coordinated to exchange security-related information and artifacts. See Coordination.

Procedure

  1. Coordinate for secure transports.
    Coordinate with administrators to specify secure transports. Record this administrative requirement on the Endpoint Coordination Form.
  2. Secure connections to realm servers using HTTPS.
    In the realm connect call, specify HTTPS as the protocol in the serverURL argument.
    For example, https://rs-host:7000.
  3. Authenticate clients to the realm server.
    In the realm connect call, supply client credentials using the USERNAME and USERPASSWORD properties.

    The administrator must ensure that the user is in the authorization group ftl.

  4. Arrange trust in the realm servers.
    The application must trust the realm server.

    Request the realm server trust file from the administrator.

    In the realm connect call, supply either the location of the trust file, or its contents as a string in PEM encoding. The following properties carry that information in the connect call:
    • TRUST_TYPE
    • TRUST_FILE
    • TRUST_PEM_STRING
    For details, see the API documentation.
  5. Verify authorization for requests.
    If the application responds to requests, verify that the requestor has authorization for the request.
    If a request is forwarded from an eFTL client, the _user field of each request message contains the requestor's user name. For details, see "User Field" in TIBCO eFTL Concepts.
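
A pre-flight check for steps 2 through 4, as an added example that is not part of the original documentation or of the product API: it lints the arguments planned for the realm connect call before they are passed to it. The dictionary layout, the function names and the sample values are assumptions of this example; only the property names and the sample URL come from this page. The certificate check tests PEM framing and base64 only, not X.509 validity.

```python
import base64
import binascii
import re
from urllib.parse import urlparse

CERT_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)
# Constructed sample: PEM framing around placeholder bytes, not a real certificate.
SAMPLE_PEM = "-----BEGIN CERTIFICATE-----\nY29uc3RydWN0ZWQ=\n-----END CERTIFICATE-----\n"

def pem_findings(pem_text):
    """Trust data needs at least one decodable certificate block and no private key."""
    findings = []
    if "PRIVATE KEY-----" in pem_text:
        findings.append("trust data contains a private key")
    blocks = CERT_BLOCK.findall(pem_text)
    if not blocks:
        findings.append("trust data has no PEM certificate block")
    for body in blocks:
        try:
            base64.b64decode("".join(body.split()), validate=True)
        except binascii.Error:
            findings.append("certificate block is not valid base64")
    return findings

def check_connect_args(server_url, props):
    """Lint a planned realm connect call; an empty list means no findings."""
    findings = []
    if urlparse(server_url).scheme != "https":
        findings.append("serverURL does not use https")
    for key in ("USERNAME", "USERPASSWORD"):
        if not props.get(key):
            findings.append(f"{key} is missing or empty")
    if "TRUST_TYPE" not in props:
        findings.append("TRUST_TYPE is not set")
    path, pem = props.get("TRUST_FILE"), props.get("TRUST_PEM_STRING")
    if bool(path) == bool(pem):  # this example reads "either ... or" as exactly one
        findings.append("supply exactly one of TRUST_FILE or TRUST_PEM_STRING")
    elif pem:
        findings += pem_findings(pem)
    else:
        try:
            with open(path, encoding="ascii") as fh:
                findings += pem_findings(fh.read())
        except (OSError, UnicodeDecodeError) as exc:
            findings.append(f"TRUST_FILE unreadable: {type(exc).__name__}")
    return findings

if __name__ == "__main__":
    print(check_connect_args("http://rs-host:7000", {"USERNAME": "app-user"}))
```

The TRUST_TYPE value itself is not validated here; take the permitted values from the API documentation.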