Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Enabling HTTPS

...

To enable HTTPS for services and web applications, add the following to the systemConfig.xml file:

...

Keystore and truststore entries are optional. If not supplied, Fabric3 will look for a fabric3-keystore.jks store in the server /config directory. If a keystore is defined but a truststore is not, Fabric3 will default the truststore to the keystore value. Note the keystore value is an absolute file path.

...

Securing Application Provisioning

In a distributed domain, Fabric3 uses HTTP or HTTPS to provision artifacts to runtime instances during deployment. By default HTTP is used. To enable HTTPS it is necessary to configure secure provisioning on the controller and participant runtimes.

...

Code Block
xml
xml
<config>
   <federation>
      <provision secure="true" address="localhost" username="foo" password="bar"/>
   </federation>
   <security>
      <keystore.password>password</keystore.password>
      <cert.password>password</cert.password>
   </security>
   <users>
      <user>
         <username>foo</username>
         <password>bar</password>
         <roles>
            <role>provision.client</role>
         </roles>
      </user>
   </users>
</config>

...

Securing Clustered Communications

In the Standalone and Tomcat runtimes, Fabric3 uses JGroups as the cluster service provider. To enable secure cluster communications, it is necessary to configure JGroups appropriately. JGroups XML configuration is specified using the <federation>/<config> element in systemConfig.xml:

...