Security server

The security server is used only in a system that has advanced security. This component runs on a separate computer system from any connected host servers, and interacts with them. As users run clients, the clients request the host servers to perform various actions.

When it receives such a request, a host server queries the security server to determine whether the user has permission to perform the requested action. Depending on the security server's response, the host server performs the action or notifies the user that the request has been denied.

The security server module provides the authentication and authorization services for all the clients, including the host server.

This module gets the ACL information through the Security Store module. It loads the appropriate Security Store when the security server is started.

The security store module functions as the client to the ACL storage.

This module accesses the Derby database using the embedded Derby JDBC driver. The Derby engine runs inside the same Java Virtual Machine as the security server and Derby becomes part of the security server.

The Security Store module contains these parts:

  • SecurityStoreImpl: This acts as the portal for the Security Store module. This wraps the underlying access implementation to the ACL storage.
  • DB Security Store: This runs as the database client and provides all the access methods to the Derby database.