The TIBCO Hawk product supports a security mechanism which enables all method invocation requests made of a TIBCO Hawk agent to be verified for authenticity and integrity and then authorized (or not) based on the identity of the user making the request.
An agent using the Trusted or TrustedWithDomain security model allows users with either Trusted or TrustedWithDomain to access the agent.
I have implemented Trusted Model here by providing the Trusted class in Security Policy Class tab of Tibco hawk configuration utility as shown below in the screenshot.
Users are explicitly granted or denied access through the access control file. A user who is not in this file is not allowed to perform any operations on the TIBCO Hawk system. Access control information is in a plain ASCII file located in the C:ProgramDataTIBCO_HOMEtibcocfgmgmthawksecurity folder.
If the user is not mentioned in the Trusted.txt file, it won’t allow to perform any operation as shown below:
Once the security policy is loaded successfully, we can check it from self:getSecurityInfo microagent as shown below:
Below is the Trusted.txt file I have used, which implements the below actions:
Grants full access to all methods on all microagents on all nodes, including group operations.
# – all ACTION methods on the Custom microagent on all nodes.
# – the specified methods on the Repository microagent on all nodes.
# – the specified methods on the RuleBaseEngine microagent on “nodeA”.
Trusted Model: Trusted class in Security Policy Class tab of Tibco hawk configuration utility
Free Demo for Corporate & Online Trainings.