Cloud CM-IPMP Anleitung zur Fehlerbehebung Seite 97
- Seite / 201
- Inhaltsverzeichnis
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Chapter 15
Security Configuration
15.1 Introduction
Security in the JAIN SLEE is an essential component of the Rhino SLEE architecture. It provides access control for
1. MLet extensions.
2. Resource Adaptors.
3. Node administration.
4. Cluster management.
The operational capabilities of Rhino SLEE allow a deployment to operate securely and reliably. A vendor can;
1. Relax or strengthen the security of the SLEE using Java policy based security.
2. Sign deployable units (jars) and grant permissions to signed code (SBBs, resource adaptors, services).
3. Contextualise security for user authentication and authorisation.
4. Integrate context security with enterprise systems, identity servers and databases.
The installation configures the standard Rhino SLEE security,
1. Creates default user-names and passwords.
2. Creates public and private key stores.
3. Generates basic key pairs and certificate chains.
4. Imports certificates into the public key stores.
5. Enables the Java Security Manager.
15.2 Security Policy
The security model is based on the standard Java security and the Java Authentication and Authorisation Service (JAAS) models.
The security subsystem provides a rigid level of systems integration and granular code level security which prevents untrusted
Resource Adaptors, MLets, SBBs or human users from performing restricted functions in the container environment.
A Rhino library code-base is protected in the file located at
$RHINO_HOME/etc/defaults/config/rhino.policy
. MLets
security are declared by protection domain grants issued in the
security-spec
section of the
$RHINO_NODE_HOME/config/
⁀permachine-mlet.conf file.
88
- Open Cloud Rhino SLEE 1.4.3 1
- Administration Manual 1
- November 2, 2006 (1838) 2
- Contents 3
- Introduction 10
- The Rhino SLEE Platform 12
- 2.3 Integration 13
- 2.4 Service Development 14
- 2.5 Functional Testing 15
- 2.6 Performance Testing 15
- 2.7 Software Development Kit 16
- JAIN SLEE Overview 17
- 3.3 Event Driven Applications 18
- 3.4 Components 18
- 3.5 Provisioned Data 18
- 3.6 Facilities 18
- 3.7 Activities 19
- 4.2.3 Firewalls 22
- 4.2.4 Unpacking 22
- 4.2.5 Installation 22
- 4.2.6 Unattended Installation 23
- 4.2.7 Configuring a Cluster 23
- 4.2.9 Configuring the Cluster 25
- 4.3 Cluster Lifecycle 26
- 4.3.2 Starting a Node 27
- 4.3.3 Starting a Quorum Node 27
- 4.3.4 Automatic Node Restart 27
- 4.3.5 Starting the SLEE 27
- 4.4 Management Interface 28
- 4.5 Setting the system clock 29
- 4.6 Optional Configuration 30
- 4.7 Installed Files 31
- 4.8 Runtime Files 32
- 4.8.2 Logging output 33
- Management 35
- 5.2 Management Tutorials 36
- 5.3 Building the Examples 37
- 5.5 Installing a Service 40
- 5.6 Uninstalling a Service 43
- 5.8 Creating a Profile 46
- 5.9 SLEE Lifecycle 50
- 5.9.4 The Stopping State 51
- 5.9.2 The Starting State 51
- 5.9.3 The Running State 51
- Administrative Maintenance 52
- 6.2.2 Removing Activities 54
- 6.2.3 Inspecting SBBs 55
- 6.2.4 Removing SBB Entities 56
- 6.2.5 Removing All 56
- 6.3 Upgrading a Cluster 57
- 6.3.3 Deploying State 58
- 6.4 Backup and Restore 59
- Export and Import 60
- 7.2 Exporting State 61
- 7.3 Importing State 62
- 7.4 Partial Imports 63
- Statistics and Monitoring 65
- 8.2 Performance Implications 66
- 8.3 Console Mode 66
- 8.3.1 Useful output options 67
- 8.4 Graphical Mode 68
- Web Console 73
- 9.2.2 Managed Objects 74
- 9.2.3 Navigation Shortcuts 74
- 9.3 Deployment Architecture 75
- 9.3.2 Standalone Web Console 76
- 9.4 Configuration 77
- 9.5 Security 77
- 9.5.2 Declarative Security 78
- 9.5.3 JAAS 78
- Log System Configuration 79
- 10.3 Logging Configuration 80
- 10.3.2 Web Console Logging 81
- Chapter 11 84
- 11.2.2 Web Console 85
- Threshold Alarms 87
- 12.5 Types of Rule Conditions 88
- 12.6 Creating Rules 89
- 12.6.2 Command Console 90
- Chapter 13 92
- 13.3.1 Configuration 93
- Licensing 94
- 14.2 Alarms 95
- 14.2.4 Management Interface 96
- 14.2.5 Audit Logs 96
- Security Configuration 97
- 15.3 Network Connections 98
- 15.4 Signing Deployable Units 99
- 15.5 Key Stores 100
- 15.6 Transport Layer Security 100
- 15.7 JAAS Configuration 101
- Performance Tuning 103
- 16.2.3 Tuning Recommendations 104
- 16.2.1 Configuration 104
- 16.2.2 Stage Tuning 104
- 16.3 Object Pool Configuration 105
- 16.4 Fault Tolerance 106
- Clustering 109
- 17.3 Scenarios 110
- 17.4 Configuration Parameters 111
- Application Environment 113
- 18.2.2 Concurrency Control 114
- 18.3 Application Configuration 115
- 18.5.4 Example 119
- 18.6 Application Fail-Over 120
- 18.6.2 Management Interface 121
- Database Connectivity 122
- 19.3 Configuration Example 123
- 19.4 SBB use of JDBC 124
- 19.4.1 SQL Programming 125
- J2EE SLEE Integration 127
- PostgreSQL Configuration 131
- 21.4 TCP/IP Connections 132
- 21.5 Access Control 132
- SIP Example Applications 138
- 22.2 System Requirements 139
- 22.3 Directory Contents 139
- 22.4 Quick Start 139
- 22.4.2 Building and Deploying 140
- 22.5 Manual Installation 144
- 22.6 Using the Services 152
- 22.6.4 Enabling Debug Output 156
- JCC Example Application 157
- 23.2.1 Resource Adaptor 158
- 23.2.3 Service Logic 160
- 23.3 Directory Contents 163
- 23.4 Installation 163
- 23.6.1 Trace Components 170
- 23.6.3 Creating a Call 171
- 23.7 Call Duration Service 172
- Customising the SIP Registrar 178
- 24.4 Extending with Profiles 181
- Hardware and Systems Support 182
- A.2.4 Application Example 184
- Redundant Networking 186
- Entities 191
- C.3 Configuration Properties 192
- C.4 Entity Binding 193
- Transactions 194
- D.3.3 Summary 195
- D.4.3 Commit Protocols 196
- Audit Logs 197
- E.2 Example Audit Logfile 199
- Glossary 200
© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.051 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern