geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r..@apache.org
Subject [32/50] [abbrv] incubator-geode git commit: Remove security-enabled-components property and rework prose to accomodate the removal. [#130304427]
Date Fri, 30 Sep 2016 00:42:48 GMT
Remove security-enabled-components property and rework prose
to accomodate the removal. [#130304427]


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/b40485b0
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/b40485b0
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/b40485b0

Branch: refs/heads/staging/docs-grant1
Commit: b40485b02d2c75b6114ef549fe017f5578255b64
Parents: d19a977
Author: Karen Miller <kmiller@pivotal.io>
Authored: Wed Sep 14 09:39:48 2016 -0700
Committer: Karen Miller <kmiller@pivotal.io>
Committed: Wed Sep 14 09:39:48 2016 -0700

----------------------------------------------------------------------
 managing/security/enable_security.html.md.erb   | 50 +++++++-------------
 .../implementing_authentication.html.md.erb     |  4 +-
 .../implementing_authorization.html.md.erb      |  4 +-
 3 files changed, 20 insertions(+), 38 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/b40485b0/managing/security/enable_security.html.md.erb
----------------------------------------------------------------------
diff --git a/managing/security/enable_security.html.md.erb b/managing/security/enable_security.html.md.erb
index 441b66c..8f2824c 100644
--- a/managing/security/enable_security.html.md.erb
+++ b/managing/security/enable_security.html.md.erb
@@ -17,42 +17,24 @@ For example:
 security-manager = com.example.security.MySecurityManager
 ```
 
-## security-enabled-components Property
-
 All components of the system invoke the same callbacks.
-Security may be enabled on a component basis with
-the definition of the `security-enabled-components` property.
-Its definition restricts which system components invoke
-the authentication and authorization callbacks.
-The defined values for system components:
-
-- `all`&mdash;All components invoke the security callbacks.
-- `server`&mdash;Invokes security callbacks upon connection and operation
-requests that a client makes of a server.
-- `cluster`&mdash;Invokes security callbacks upon connection and operation
-requests that a server makes as the peer of a locator.
-- `jmx`&mdash;Invokes security callbacks upon connection and operation
-requests that components communicating with a JMX manager make of a locator.
+Here are descriptions of the components and the connections that they
+make with the system.
+
+- A client connects with a server and makes operation requests 
+of that server.  The callbacks invoked are those defined by the
+`SecurityManager` interface for that server.
+- A server connects with a locator, invoking the `authenticate` callback
+defined for that locator.
+- Components communicating with a locator's JMX manager connect and make
+operation requests of the locator.
+The callbacks invoked are those defined by the
+`SecurityManager` interface for that locator.
 Both `gfsh` and `Pulse` use this form of communication.
-- `http`&mdash;Invokes security callbacks upon connection and operation
-requests that applications communicating via the REST API make of a server.
-- `gateway`&mdash;Invokes security callbacks upon connection and operation
-requests that a gateway sender makes of a locator.
-
-The `security-enabled-components` property defines 
-a comma-separated list of components that will
-invoke the `authorize` callback.
-For example,
-
-``` pre
-security-enabled-components = server, cluster jmx
-```
-
-The `all` component value is used by itself, as in the example
-
-``` pre
-security-enabled-components = all
-```
+- Applications communicating via the REST API make of a server
+invoke security callbacks upon connection and operation requests.
+- Requests that a gateway sender makes of a locator
+invoke security callbacks defined for that locator.
 
 ## security-post-processor Property
 

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/b40485b0/managing/security/implementing_authentication.html.md.erb
----------------------------------------------------------------------
diff --git a/managing/security/implementing_authentication.html.md.erb b/managing/security/implementing_authentication.html.md.erb
index 9bbb9d3..c238be9 100644
--- a/managing/security/implementing_authentication.html.md.erb
+++ b/managing/security/implementing_authentication.html.md.erb
@@ -28,9 +28,9 @@ that will connect to the system.
 This simplistic algorithm returns the user name as a principal
 if the user name and password passed to the `authenticate` method
 are a match for one of the stored pairs.
-- Define the `security-manager` and `security-enabled-components` properties.
+- Define the `security-manager` property.
 See [Enable Security with Property Definitions](enable_security.html)
-for details about these properties.
+for details about this property.
 - Implement the  `authenticate` method of the `SecurityManager` interface.
 - Define any extra resources that the implemented authentication algorithm
 needs in order to make a decision.

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/b40485b0/managing/security/implementing_authorization.html.md.erb
----------------------------------------------------------------------
diff --git a/managing/security/implementing_authorization.html.md.erb b/managing/security/implementing_authorization.html.md.erb
index 87b4135..3fd4816 100644
--- a/managing/security/implementing_authorization.html.md.erb
+++ b/managing/security/implementing_authorization.html.md.erb
@@ -239,9 +239,9 @@ which operations.
 The algorithm bases its decision
 on a look up of the permissions granted to the principal attempting
 the operation.
-- Define the `security-manager` and `security-enabled-components` properties.
+- Define the `security-manager` property.
 See [Enable Security with Property Definitions](enable_security.html)
-for details about these properties.
+for details about this property.
 - Implement the  `authorize` method of the `SecurityManager` interface.
 - Define any extra resources that the implemented authorization algorithm
 needs in order to make a decision.


Mime
View raw message