geode-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pulkit Chandra (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (GEODE-17) Provide Integrated Security
Date Tue, 04 Aug 2015 13:54:04 GMT

    [ https://issues.apache.org/jira/browse/GEODE-17?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14653668#comment-14653668
] 

Pulkit Chandra commented on GEODE-17:
-------------------------------------

Any plans to encrypt the plain test passwords in the properties file? We will using the security-*
properties but the current implementation is not encrypting the passwords. Also the class
"PasswordUtil" has very basic algorithm of encryption, can we consider some other options?

> Provide Integrated Security
> ---------------------------
>
>                 Key: GEODE-17
>                 URL: https://issues.apache.org/jira/browse/GEODE-17
>             Project: Geode
>          Issue Type: New Feature
>          Components: client/server, core, management & tools
>            Reporter: Tushar Khairnar
>            Assignee: Nilkanth Patel
>              Labels: security
>
> Integrated Security: Purpose of integrated security feature is to provide uniform authentication
and authorization capabilities for all Geode clients. Geode distributed systems has different
clients, some perform cache/region operations, some perform management operations. In order
to authenticate and authorize these actions we need single consistent framework or interface.
Such interface should allow configuration of access levels from single place and/or repository.

> The key requirements being met here are
>  - Authentication of all clients from single plugin
>  - Authorization of cache/data operations (through cache-client and REST) and managements
(GFSH/JMX) operations from single plugin
>  - Extend existing Client-Server security framework



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message