Mindmajix

How to Configure TIBCO Hawk Security Trusted Model

Hawk Security Trusted Model

The TIBCO Hawk product supports a security mechanism which enables all method invocation requests made of a TIBCO Hawk agent to be verified for authenticity and integrity and then authorized (or not) based on the identity of the user making the request.

Trusted vs TrustedWithDomain:

An agent using the Trusted or TrustedWithDomain security model allows users with either Trusted or TrustedWithDomain to access the agent.

  • To allow access to a user who starts Hawk Display (or the Console API application) in Trusted security mode, the entry for <user> specified in the agent’s Trusted.txt or TrustedWithDomain.txt should not include the domain of the user who actually starts Hawk Display (or the Console API application).
  • To allow access to a user who starts Hawk Display in TrustedWithDomain security mode, the entry for <user> specified in the agent’s Trusted.txt or TrustedWithDomain.txt should include the domain of the user who actually starts Hawk Display

Trusted Model:

I have implemented Trusted Model here by providing the Trusted class in Security Policy Class tab of Tibco hawk configuration utility as shown below in the screenshot.

Users are explicitly granted or denied access through the access control file. A user who is not in this file is not allowed to perform any operations on the TIBCO Hawk system. Access control information is in a plain ASCII file located in the C:\ProgramData\TIBCO_HOME\tibco\cfgmgmt\hawk\security folder.

If the user is not mentioned in the Trusted.txt file, it won’t allow to perform any operation as shown below:

Once the security policy is loaded successfully, we can check it from self:getSecurityInfo microagent as shown below:

Below is the Trusted.txt file I have used, which implements the below actions:

Grants full access to all methods on all microagents on all nodes, including group operations.

#       – all ACTION methods on the Custom microagent on all nodes.
#       – the specified methods on the Repository microagent on all nodes.
#       – the specified methods on the RuleBaseEngine microagent on “nodeA”.

Trusted class in Security Policy Class tab of Tibco hawk configuration utility

Trusted Model: Trusted class in Security Policy Class tab of Tibco hawk configuration utility


 

 

0 Responses on How to Configure TIBCO Hawk Security Trusted Model"

Leave a Message

Your email address will not be published. Required fields are marked *

Copy Rights Reserved © Mindmajix.com All rights reserved. Disclaimer.
Course Adviser

Fill your details, course adviser will reach you.