Introduction

This project was started on the back of work I had done on securing Oracle Coherence against Kerberos and Active Directory. I needed an easy way to share this work with the London Coherence "Pie & Mash" Club so putting it on Google Code seemed the way to go.

Note: This project is based on the current Coherence version 3.5.1b461 and future versions will hopefully fix some of the issues highlighted here. The code in the Extend section in particular cannot be guaranteed to work on future versions.

The project shows how to use arbitrary security credentials within Oracle Coherence to implement security. Part of the documentation shows how to create a class to allow any type of credential to be used but the bulk of the documentation concentrates on the use of Kerberos and Active Directory credentials.

Main Pages

Building The Code	How to build the code once you have checked it out
A Custom Principal Class	How to create a java.security.Principal implementation that can be used in Coherence to pass arbitrary credential
Using A Custom Principal in a Cluster	How to use a custom Principal class in a Coherence cluster
Cluster Access Control	How to implement Access Control in a cluster using our custom credentials
Kerberos	How to extend the custom Principal to work with Kerberos (and Active Directory)
Coherence Extend Security	Securing Extend connections
Apache DS	Using Apache DS as the KDC
Active Directory	Using Active Directory as the KDC
JMX Security	Securing JMX access to Coherence
RunningTheCode Running The Code	How to run a secure Coherence cluster

Appendixes

AD Groups	How to use Active Directory groups for authorisation

► Sign in to add a comment