Cloud CM-IPMP Guía para resolver problemas Pagina 101
- Pagina / 201
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Resource Adaptor Signer
J2EE Connector Resource Adaptor
RhinoJ2EEConnectorRA
JAIN SIP Resource Adaptor
RhinoSIPRA
JCC Resource Adaptor
RhinoJCCRA
Web Console
web-console-lib
Table 15.1: Signer aliases used to sign Resource Adaptors
The server must export its public key to the client and when client authentication is required, the client must also export its
public key to the server.
1. The Java client is started with an environment variable
-Drmissl.securesocket=ssl.properties
which points to the
ssl.properties file which configures the client and server key stores and trust key stores.
2. The client connects to the server and downloads the client socket connection factory
3. The secure client socket is created and the servers public key is sent to the client
4. The client checks the server public key against the client trust store configured in the properties file
5. Secure communications ensue
15.7 JAAS Configuration
This section describes how to achieve integration with enterprise systems, identity servers, databases and password files
Note: Transport-layer security and the general security of the remote host and server are important considerations when
communicating with third-party servers. Any length of security planning can be foiled by an incumbent with a key.
Authentication is provided by the modules specified in the rhino.jaas file and the LoginContext file is specified as the system
property
java.security.auth.login.config
. See Java Authentication and Authorization Service (JAAS) Reference Guide
for more information.
-Djava.security.auth.login.config=$RHINO_HOME/etc/defaults/config/rhino.jaas
Rhino contains three JAAS login modules:
1. FileLoginModule
The login credentials and roles are stored in a file.
jaas-context {
com.opencloud.rhino.security.auth.FileLoginModule REQUIRED
file="/home/rhino/config/passwd"
hash="none";
};
By default, passwords are stored in cleartext in the password file. For increased security, a secure one-way hash of the
password can be stored instead. Use the client/bin/rhino-passwd utility to generate hashed passwords which can be copied
into the password file. The file login module needs to be configured by changing the hash="none" option to hash="md5".
2. LDAPLoginModule
The login credentials and roles are stored in an LDAP directory.
jaas-context {
com.opencloud.rhino.security.auth.LdapLoginModule REQUIRED
properties="/home/rhino/config/ldapauth.properties";
};
Open Cloud Rhino 1.4.3 Administration Manual v1.1 92
- Open Cloud Rhino SLEE 1.4.3 1
- Administration Manual 1
- November 2, 2006 (1838) 2
- Contents 3
- Introduction 10
- The Rhino SLEE Platform 12
- 2.3 Integration 13
- 2.4 Service Development 14
- 2.5 Functional Testing 15
- 2.6 Performance Testing 15
- 2.7 Software Development Kit 16
- JAIN SLEE Overview 17
- 3.3 Event Driven Applications 18
- 3.4 Components 18
- 3.5 Provisioned Data 18
- 3.6 Facilities 18
- 3.7 Activities 19
- 4.2.3 Firewalls 22
- 4.2.4 Unpacking 22
- 4.2.5 Installation 22
- 4.2.6 Unattended Installation 23
- 4.2.7 Configuring a Cluster 23
- 4.2.9 Configuring the Cluster 25
- 4.3 Cluster Lifecycle 26
- 4.3.2 Starting a Node 27
- 4.3.3 Starting a Quorum Node 27
- 4.3.4 Automatic Node Restart 27
- 4.3.5 Starting the SLEE 27
- 4.4 Management Interface 28
- 4.5 Setting the system clock 29
- 4.6 Optional Configuration 30
- 4.7 Installed Files 31
- 4.8 Runtime Files 32
- 4.8.2 Logging output 33
- Management 35
- 5.2 Management Tutorials 36
- 5.3 Building the Examples 37
- 5.5 Installing a Service 40
- 5.6 Uninstalling a Service 43
- 5.8 Creating a Profile 46
- 5.9 SLEE Lifecycle 50
- 5.9.4 The Stopping State 51
- 5.9.2 The Starting State 51
- 5.9.3 The Running State 51
- Administrative Maintenance 52
- 6.2.2 Removing Activities 54
- 6.2.3 Inspecting SBBs 55
- 6.2.4 Removing SBB Entities 56
- 6.2.5 Removing All 56
- 6.3 Upgrading a Cluster 57
- 6.3.3 Deploying State 58
- 6.4 Backup and Restore 59
- Export and Import 60
- 7.2 Exporting State 61
- 7.3 Importing State 62
- 7.4 Partial Imports 63
- Statistics and Monitoring 65
- 8.2 Performance Implications 66
- 8.3 Console Mode 66
- 8.3.1 Useful output options 67
- 8.4 Graphical Mode 68
- Web Console 73
- 9.2.2 Managed Objects 74
- 9.2.3 Navigation Shortcuts 74
- 9.3 Deployment Architecture 75
- 9.3.2 Standalone Web Console 76
- 9.4 Configuration 77
- 9.5 Security 77
- 9.5.2 Declarative Security 78
- 9.5.3 JAAS 78
- Log System Configuration 79
- 10.3 Logging Configuration 80
- 10.3.2 Web Console Logging 81
- Chapter 11 84
- 11.2.2 Web Console 85
- Threshold Alarms 87
- 12.5 Types of Rule Conditions 88
- 12.6 Creating Rules 89
- 12.6.2 Command Console 90
- Chapter 13 92
- 13.3.1 Configuration 93
- Licensing 94
- 14.2 Alarms 95
- 14.2.4 Management Interface 96
- 14.2.5 Audit Logs 96
- Security Configuration 97
- 15.3 Network Connections 98
- 15.4 Signing Deployable Units 99
- 15.5 Key Stores 100
- 15.6 Transport Layer Security 100
- 15.7 JAAS Configuration 101
- Performance Tuning 103
- 16.2.3 Tuning Recommendations 104
- 16.2.1 Configuration 104
- 16.2.2 Stage Tuning 104
- 16.3 Object Pool Configuration 105
- 16.4 Fault Tolerance 106
- Clustering 109
- 17.3 Scenarios 110
- 17.4 Configuration Parameters 111
- Application Environment 113
- 18.2.2 Concurrency Control 114
- 18.3 Application Configuration 115
- 18.5.4 Example 119
- 18.6 Application Fail-Over 120
- 18.6.2 Management Interface 121
- Database Connectivity 122
- 19.3 Configuration Example 123
- 19.4 SBB use of JDBC 124
- 19.4.1 SQL Programming 125
- J2EE SLEE Integration 127
- PostgreSQL Configuration 131
- 21.4 TCP/IP Connections 132
- 21.5 Access Control 132
- SIP Example Applications 138
- 22.2 System Requirements 139
- 22.3 Directory Contents 139
- 22.4 Quick Start 139
- 22.4.2 Building and Deploying 140
- 22.5 Manual Installation 144
- 22.6 Using the Services 152
- 22.6.4 Enabling Debug Output 156
- JCC Example Application 157
- 23.2.1 Resource Adaptor 158
- 23.2.3 Service Logic 160
- 23.3 Directory Contents 163
- 23.4 Installation 163
- 23.6.1 Trace Components 170
- 23.6.3 Creating a Call 171
- 23.7 Call Duration Service 172
- Customising the SIP Registrar 178
- 24.4 Extending with Profiles 181
- Hardware and Systems Support 182
- A.2.4 Application Example 184
- Redundant Networking 186
- Entities 191
- C.3 Configuration Properties 192
- C.4 Entity Binding 193
- Transactions 194
- D.3.3 Summary 195
- D.4.3 Commit Protocols 196
- Audit Logs 197
- E.2 Example Audit Logfile 199
- Glossary 200
© 2020, manymanuals.es. Todos los derechos reservados | 0.065 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales