BigMemory 4.4.0 | Product Documentation | BigMemory Max Security Guide | Setting Up a TSA to Use the Terracotta Management Server | Configuring Identity Assertion
 
Configuring Identity Assertion
Add the following to each server's <security> block:
<security>
...
<management>
<ia> https://my-tms.mydomain.com:9443/tmc/api/assertIdentity</ia>
<timeout>10000</timeout>
<hostname>my-l2.mydomain.com</ hostname >
</management>
</security>
where:
*<timeout> is the timeout value in milliseconds for connections from the server to the TMS.
*<ia> is the HTTPS (or HTTP) URL with the domain of the TMS, followed by the port 9443 and the path /tmc/api/assertIdentity.
If you are using HTTPS, which is recommended, export a public key from the TMS and import it into the server's truststore. You must also export a public key from the server and import it into the TMS's truststore, or copy the server's truststore (including the local server's public key) to the TMS.
*<management><hostname> is used only if the DNS hostname of the server does not match server hostname used in its certificate. If there is a mismatch, enter the DNS address of the server here.
You must export a public key from the TMS.