By default, Sybase CEP Server is installed with no access restrictions. A description of how to configure access restrictions.
See "Creating an ACL File" for more information. The SybaseC8\Server\conf directory contains a sample c8-acl.xml ACL file.
<section name="SybaseC8/Security"> ... <section name="AccessControl"> ... <preference name="ACLFile" value="C:\ProgramFiles \SybaseC8\Server\conf\myacl.xml"/> ... </section> ...
See "Sybase CEP Engine Authentication Plugins" for information about available methods.
A shared secret is a single predefined character string, which you specify for all Sybase CEP Servers in a cluster. The shared secret provides your cluster with an extra measure of security. When you enable this feature, the shared string must be exchanged between any two Sybase CEP Engine computers attempting to establish a connection.
To enable the shared secret, set the "SharedSecret" preference of the "SybaseC8/Security/AccessControl" section of your c8-server.conf file to your desired shared secret, for example:
<section name="SybaseC8/Security"> ... <section name="AccessControl"> ... <preference name="SharedSecret" value="sharedsecret123/> ... </section> ...
The same shared secret string must be specified for all the computers in the cluster.
The default reload frequency is 30 seconds.
To prevent security breaches to your access restriction policies, caused either by users tampering directly with the ACL file, or by redirecting the c8-server.conf file to point to a different ACL file, set file permissions to restrict user access to both the c8-server.conf file and the ACL file to which it points.