geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [35/50] [abbrv] incubator-geode git commit: Complete the update of setting credentials for authentication. [#130304427]
Date Fri, 30 Sep 2016 00:33:42 GMT
Complete the update of setting credentials for authentication.


Branch: refs/staging/docs-grant1
Commit: b60f78a0758c174e63089886cb39e4090dd9a9b5
Parents: b9e16c0
Author: Karen Miller <>
Authored: Thu Sep 15 13:37:42 2016 -0700
Committer: Karen Miller <>
Committed: Thu Sep 15 13:37:42 2016 -0700

 .../     | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/managing/security/ b/managing/security/
index 98b5505..a605e1b 100644
--- a/managing/security/
+++ b/managing/security/
@@ -53,6 +53,11 @@ the properties `security-username` and `security-password` in whatever
 it wishes.
 It might look up values in a database or another external resource.
+Gateway senders and receivers communicate as a component of their
+server member.
+Therefore, the credential of the server become those of the gateway
+sender or receiver.
 ## How a Cache Client Sets Its Credential
 In order to connect with a locator or a server that does authentication,
@@ -65,7 +70,7 @@ There are two ways of accomplishing this:
 as in the example
      ``` pre
-     security-username=webclient
+     security-username=clientapp
 The user name and password are stored in the clear, so the
@@ -88,13 +93,16 @@ or it might prompt for values.
 ## How Other Components Set Their Credentials
-gfsh prompts upon `gfsh connect`.
-Pulse prompts upon start up.
-Components connecting via the REST API do something.
+`gfsh` prompts for the user name and password upon invocation of
+a`gfsh connect` command.
+Pulse prompts for the user name and password upon start up.
+Due to the stateless nature of the REST API,
+a web application or other component that speaks to a server or locator
+via the REST API goes through authentication on each request.
+The header of the request needs to include attributes that define values for
+`security-username` and `security-password`.
 ## Implement SecurityManager Interface

View raw message