Administration guide > Secure the deployment environment
Security integration with external providers
To protect the data, the product can integrate with several security providers.
WebSphere eXtreme Scale can integrate with an external security implementation. This external implementation must provide authentication and authorization services for WebSphere eXtreme Scale. WebSphere eXtreme Scale has plug-in points to integrate with a security implementation.WebSphere eXtreme Scale has been successfully integrated with the following components:
- Lightweight Directory Access Protocol (LDAP)
- Kerberos
- ObjectGrid security
- Tivoli Access Manager
- Java™ Authentication and Authorization Service (JAAS)
eXtreme Scale uses the security provider for the following tasks:
- Authenticating clients to servers.
- Authorizing clients to access certain eXtreme Scale artifacts or to specify what can be done with eXtreme Scale artifacts.
eXtreme Scale has the following types of authorizations:
- Map authorization
- Clients or groups can be authorized to perform insert, read, update, evict or delete operations on maps.
- ObjectGrid authorization
- Clients or groups can be authorized to perform object or entity queries on objectGrids.
- DataGrid agent authorization
- Clients or groups can be authorized to allow DataGrid agents to be deployed to an ObjectGrid.
- Server-side map authorization
- Clients or groups can be authorized to replicate a server map to client side or create a dynamic index to the server map.
- Administration authorization
- Clients or groups can be authorized to perform administration tasks.
If you had security already enabled for the back end , remember that these security settings are no longer sufficient to protect the data. Security settings from the database or other datastore does not in any way transfer to the cache. You must separately protect the data that is now cached using the eXtreme Scale security mechanism, including authentication, authorization, and transport level security.
Restriction: Do not use a Development Kit or Runtime Environment at v1.6 and above when you are also using SSL Transport Layer security with a stand-alone configuration of WebSphere eXtreme Scale v7.1 or 7.0. v1.6 and later does not support the WebSphere eXtreme Scale v7.1 application programming interfaces. Use v1.5 or earlier for configurations requiring SSL Transport security for stand-alone eXtreme Scale installations. This restriction is only applicable when you are using SSL security in a stand-alone eXtreme Scale configuration. Version 1.6 and later is supported for non-SSL transport configurations.
Parent topic:
Secure the deployment environment
Related concepts
Application client authentication
Application client authorization
Transport layer security and secure sockets layer
Java Management Extensions (JMX) security
Related tasks
Related reference
Related information
Tutorial: Integrate WebSphere eXtreme Scale security with WAS
Tutorial: Integrate WebSphere eXtreme Scale security in a mixed environment with an external authenticator