I have a CPE Java API application using Spring Boot & running on Tomcat server and my CPE (5.5.2) is running in Container on WAS server. I am having a hard time setting up a security between the two. Can somebody please help me/guide me to setup security?
1 Answer
If you work with CPE through Java API (RMI over Corba, not WSI) you connect to WAS JVM and you need to use JEE ways to authenticate subject in WAS security context.
WAS as JEE-based container use JAAS spec to provide Authentication.
So you need to know how to enable support JAAS to Spring, read it https://docs.spring.io/spring-security/site/docs/4.2.x/reference/html/jaas.html
After it, you need to know how to get a connection to FN ObjectStore through FN Java API (jace.jar). There is a samples you need to obtain security context and put created Subject and connect to FN after it https://www.ibm.com/support/knowledgecenter/en/SSNW2F_5.1.0/com.ibm.p8.ce.dev.ce.doc/sec_procedures.htm#sec_procedures_obtain_login_context
But also you need to configure your JVM in the right way to work with WAS JAAS configuration. How to enable JAAS configuration for your JVM, look at this link https://www.ibm.com/support/knowledgecenter/SSNW2F_5.1.0/com.ibm.p8.ce.dev.ce.doc/gs_concepts.htm#jaas_config_files
Good luck ˆ))
