geode-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joris Melchior <jmelch...@pivotal.io>
Subject Re: Token based authentication support added in Geode Develop
Date Mon, 07 Oct 2019 15:20:33 GMT
Yes, at the moment the we only support receiving a token provided in the
Authentication header field. We don't provide the standard endpoints for
token acquisition and refresh.

On Fri, Oct 4, 2019 at 4:14 PM John Blum <jblum@pivotal.io> wrote:

> So application developer's will need to know to code their application
> client's to lookup the JWT token (from some store) and set HTTP request
> headers to send the token, or will this be handled automatically by a geode
> client?
>
> On Fri, Oct 4, 2019 at 11:37 AM Jinmei Liao <jiliao@pivotal.io> wrote:
>
> > yes, correct,  we are assuming the client will have the token available
> > somehow and send in the token in the authentication header. We are not
> > doing anything with actual token management.
> >
> > On Fri, Oct 4, 2019 at 11:34 AM Jens Deppe <jdeppe@pivotal.io> wrote:
> >
> > > So, to be clear, we're providing the ability to recognize a HTTP
> > > authentication header containing 'Bearer <some encoded token string>'
> and
> > > then handing that to the Security Manager to do with as it pleases?
> > >
> > > We're not doing anything with actual token management? (i.e.
> generating,
> > > revoking, etc.).
> > >
> > > --Jens
> > >
> > > On Fri, Oct 4, 2019 at 10:59 AM Jinmei Liao <jiliao@pivotal.io> wrote:
> > >
> > > > Hi, all
> > > >
> > > > JWT token based authentication support is added to Geode develop
> > branch.
> > > > Currently only management v2 rest api can use this (we can add dev
> rest
> > > > there too if requested). In order to turn on token based auth for
> > > > management rest api, you will need to do these two things:
> > > > 1. start your locator with this property:
> > > >      *security-auth-token-enabled-components = all (or management)*
> > > > 2. implement your SecurityManager to authenticate the jwt token
> passed
> > > in.
> > > > The jwt token will be available in the properties using the key
> > > > "security-token".
> > > >
> > > > Let me know if you have any questions.
> > > >
> > > > --
> > > > Cheers
> > > >
> > > > Jinmei
> > > >
> > >
> >
> >
> > --
> > Cheers
> >
> > Jinmei
> >
>
>
> --
> -John
> john.blum10101 (skype)
>


-- 
*Joris Melchior *
CF Engineering
Pivotal Toronto
416 877 5427

“Programs must be written for people to read, and only incidentally for
machines to execute.” – *Hal Abelson*
<https://en.wikipedia.org/wiki/Hal_Abelson>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message