This chapter includes the following sections:
Conceptual Overview of Oracle Coherence Security
The security features are presented from basic security measures to more advanced security measures.
Java Policy Security
A Java security policy file is provided that contains the minimum set of security permissions necessary to run Oracle Coherence. Edit the file to change the permissions based on an application's requirement. The security policy protects against malicious use and alterations of the Oracle Coherence library and configuration files. See Using the Java Security Manager.
Host-Based Authorization
Host-based authorization explicitly specifies which hosts become members of a cluster and which extend clients connect to a cluster. This type of access control is ideal in environments where host names (or IP addresses) are known in advance. Host-based authorization protects against unauthorized hosts joining or accessing a cluster. See Using Host-Based Authorization.
Client Suspect Protocol
The client suspect protocol automatically determines if an extend client is acting maliciously and blocks the client from connecting to a cluster. The suspect protocol protects against denial of service attacks. See Managing Rogue Clients.
Client Identity Tokens
Client identity tokens control which extend clients access the cluster. A proxy server allows a connection only if the client presents a valid token. Identity tokens are application-specific and typically reuse existing client authentication implementations. Identity tokens protect against unwanted or malicious clients accessing the cluster. See Using Identity Tokens to Restrict Client Connections.
Client Authorization
Client authorization controls which actions a particular client can perform based on its access control rights. A proxy server performs the authorization check before an extend client accesses a resource (cache, cache service, or invocation service). Client authorization is application-specific and protects against unauthorized use of cluster resources. See Implementing Extend Client Authorization.
Access Controller Security Framework
The access controller manages access to clustered resources, such as clustered services and caches, and controls which operations a user can perform on those resources. Cluster members use login modules to provide proof of identity, while encrypting and decrypting communication acts as proof of trustworthiness. The framework requires the use of a keystore and defines permissions within a permissions file. The access controller prevents malicious cluster members from accessing and creating clustered resources. See Using an Access Controller.
SSL Security
SSL secures the Tangosol Cluster Management Protocol (TCMP) communication between cluster nodes. SSL also secures the TCP communication between Oracle Coherence*Extend clients and proxies. SSL uses digital signatures to establish identity and trust, and key-based encryption to ensure that data is secure. SSL is an industry standard that protects against unauthorized access and data tampering by malicious clients and cluster members. See Using SSL to Secure Communication.
Coherence Security Quick Start
Configure file system permissions and Java policy permissions to protect against reads and writes of Coherence files. See Using the Java Security Manager.
Configure and enable SSL to secure communication between cluster members and protect against unauthorized members joining the cluster. See Using SSL to Secure TCMP Communication.
When using Coherence*Extend or Coherence REST, configure and enable SSL to secure communication between external clients and Coherence proxy servers. SSL prevents unauthorized clients from using cluster services. See Using SSL to Secure Extend Client Communication and Using SSL Authentication With Oracle Coherence REST, respectively.
Implement authorization policies to restrict client access to specific Coherence operations based on user roles. See Implementing Extend Client Authorization.
Overview of Security Configuration
The following files are used to configure security:
Operational Override File – The tangosol-coherence-override.xml file overrides the operational deployment descriptor, which specifies the operational and runtime settings that maintain clustering, communication, and data management services. This file includes security settings for cluster members.
Cache Configuration File – The coherence-cache-config.xml file is the default cache configuration file. It specifies the various types of caches within a cluster. This configuration file includes security settings for cache services, proxy services, and Coherence*Extend clients.
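As an added example (not part of the Oracle documentation), the following script reads an operational override file and reports which of the cluster-member security settings described above it sets: host-based authorization entries, the TCMP socket provider, and the access controller. The function name, report keys, and the sample file are constructed for illustration; the element names are assumed to follow the Coherence operational configuration schema.

```python
import xml.etree.ElementTree as ET

# Constructed sample override file for this example (documentation-range addresses).
SAMPLE_OVERRIDE = """<?xml version="1.0"?>
<coherence xmlns="http://xmlns.oracle.com/coherence/coherence-operational-config">
  <cluster-config>
    <unicast-listener>
      <socket-provider>ssl</socket-provider>
    </unicast-listener>
    <authorized-hosts>
      <host-address id="1">192.0.2.10</host-address>
      <host-range id="1">
        <from-address>192.0.2.20</from-address>
        <to-address>192.0.2.29</to-address>
      </host-range>
    </authorized-hosts>
  </cluster-config>
  <security-config>
    <enabled>false</enabled>
  </security-config>
</coherence>
"""

def audit_override(xml_text):
    """Report which cluster-member security settings an override file sets."""
    root = ET.fromstring(xml_text)
    for el in root.iter():                 # drop the namespace so paths stay short
        el.tag = el.tag.rsplit("}", 1)[-1]
    hosts = root.find("cluster-config/authorized-hosts")
    entries = [] if hosts is None else [
        e for e in hosts if e.tag in ("host-address", "host-range")]
    provider = root.find("cluster-config/unicast-listener/socket-provider")
    if provider is None:
        tcmp = None                        # not set in this file
    elif provider.find("ssl") is not None:
        tcmp = "inline-ssl"                # SSL provider defined in place
    else:
        tcmp = (provider.text or "").strip() or None   # reference to a provider id
    enabled = root.findtext("security-config/enabled", default="false")
    report = {"authorized_host_entries": len(entries),
              "tcmp_socket_provider": tcmp,
              "access_controller_enabled": enabled.strip().lower() == "true"}
    # Settings that are absent or disabled are listed for follow-up.
    report["gaps"] = [k for k, v in report.items() if not v]
    return report

if __name__ == "__main__":
    print(audit_override(SAMPLE_OVERRIDE))
```

A provider reference such as `ssl` only names a socket provider; the keystore and trust settings behind it still need to be reviewed separately.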