Previous Security Configuration Next

Configuring a Secure OpenFusion Service

Security properties for a service are configured through the Administration Manager, as follows.

  1. Select a Service in the Administration Manager's Object Hierarchy.
  2. Select the SECURITY tab.
  3. Set the following properties:
- Security Enabled
- XML Group Persistence
- XML Principal Persistence
- JAAS Configuration File
- XML ACL Persistence
- Security Credentials File
- Security Configuration File

These properties are fully described in Security Administration Manager Properties, below.


These properties should be configured separately for each OpenFusion Service.

Security Administration Manager Properties

Services can share common persistence files, or different file locations can be specified for each Service. The default is for all Services to store their persistence files in a common location, which means that by default the above properties are configured identically for each Service.

Security Enabled

If this property is checked, security is enabled for the Service. If security is not enabled, the remaining properties on this tab are unavailable.

Property Name

security.Enabled

Property Type

STATIC

Data Type

BOOLEAN

Accessibility

READ/WRITE

Mandatory

YES

XML Group Persistence

The name and location of the XML group persistence file, given as either a file or http URL. This defaults to:

file:<install>/etc/security/grouppersistence.xml

where <install> is the OpenFusion CORBA Services installation path.

This file is described in Creating ACL Groups.

Property Name

security.XMLGroupPersistenceFile

Property Type

STATIC

Data Type

URL

Accessibility

READ/WRITE

Mandatory

YES

XML Principal Persistence

The name and location of the XML principal persistence file, given as either a file or http URL. This defaults to:

file:<install>/etc/security/principalpersistence.xml

where <install> is the OpenFusion CORBA Services installation path.

This file is described in described in Creating Principal Mappings

Property Name

security.XMLPrincipalPersistenceFile

Property Type

STATIC

Data Type

URL

Accessibility

READ/WRITE

Mandatory

YES

JAAS Configuration File

The name and location of the Java Authentication and Authorisation Service (JAAS) configuration file, given as either a file or http URL. This defaults to:

file:<install>/etc/security/jaas.config

where <install> is the OpenFusion CORBA Services installation path.

Property Name

java.security.auth.login.config

Property Type

STATIC

Data Type

URL

Accessibility

READ/WRITE

Mandatory

YES

XML ACL Persistence

The name and location of the XML ACL persistence file, given as either a file or http URL. This defaults to:

file:<install>/etc/security/accessentry.xml

where <install> is the OpenFusion CORBA Services installation path.

Property Name

security.XMLACLPersistenceFile

Property Type

STATIC

Data Type

URL

Accessibility

READ/WRITE

Mandatory

YES

Security Credentials File

The name and location of the file holding user credentials, given as either a file or a http URL. This defaults to:

file:<install>/Security/etc/security/userdata.xml

where <install> is the OpenFusion CORBA Services installation path.

This file is described in Supplying Authorised Credentials.

Property Name

security.UserDataFile

Property Type

STATIC

Data Type

URL

Accessibility

READ/WRITE

Mandatory

YES

Security Configuration File

The name and location of the security configuration file, given as either a file or a http URL. This defaults to:

file:<install>/etc/security/SecurityProperties.xml

where <install> is the OpenFusion CORBA Services installation path.

This file is described in Security Configuration File Properties.

This property will be over-ridden by the system property security.ConfigurationFile, if it is set.

Property Name

security.ConfigFile

Property Type

STATIC

Data Type

URL

Accessibility

READ/WRITE

Mandatory

YES



Previous Security Configuration Next