You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geode.apache.org by Nilkanth Patel <ni...@gmail.com> on 2018/03/01 11:06:21 UTC
Row-Level security with key as a regex
Hi Team,
I am exploring row-level security with Geode and observed that exact key
has to be provided in security configuration (for example:
DATA:READ:MyRegion:*system*).
Is there any way to provide Key as a regex (*admin*) ..? I want to achieve
row-level security on all keys containing *system* as a sub-string.
Providing each key in security-config is very cumbersome.
-Nilkanth.
Re: Row-Level security with key as a regex
Posted by Nilkanth Patel <ni...@gmail.com>.
Jens, Thanks for your reply, now i get this.
As you said, implementing the required authorization behavior in
SecurityManager.authorize() callback is way to go.
Thanks,
Nilkanth.
On Thu, Mar 1, 2018 at 7:32 PM, Jens Deppe <je...@apache.org> wrote:
> Hi Nilkanth,
>
> It's basically up to the provided SecurityManager how to handle the
> ResourcePermission passed into it.
>
> So in your implementation could be as simple as:
>
> if (rp.getKey() != null && rp.getKey().contains("system") {...}
>
> Are you perhaps looking at a specific SecurityManager implementation?
>
> --Jens
>
> On Thu, Mar 1, 2018 at 3:06 AM, Nilkanth Patel <ni...@gmail.com>
> wrote:
>
> > Hi Team,
> >
> > I am exploring row-level security with Geode and observed that exact key
> > has to be provided in security configuration (for example:
> > DATA:READ:MyRegion:*system*).
> >
> > Is there any way to provide Key as a regex (*admin*) ..? I want to
> achieve
> > row-level security on all keys containing *system* as a sub-string.
> > Providing each key in security-config is very cumbersome.
> >
> > -Nilkanth.
> >
>
Re: Row-Level security with key as a regex
Posted by Jens Deppe <je...@apache.org>.
Hi Nilkanth,
It's basically up to the provided SecurityManager how to handle the
ResourcePermission passed into it.
So in your implementation could be as simple as:
if (rp.getKey() != null && rp.getKey().contains("system") {...}
Are you perhaps looking at a specific SecurityManager implementation?
--Jens
On Thu, Mar 1, 2018 at 3:06 AM, Nilkanth Patel <ni...@gmail.com>
wrote:
> Hi Team,
>
> I am exploring row-level security with Geode and observed that exact key
> has to be provided in security configuration (for example:
> DATA:READ:MyRegion:*system*).
>
> Is there any way to provide Key as a regex (*admin*) ..? I want to achieve
> row-level security on all keys containing *system* as a sub-string.
> Providing each key in security-config is very cumbersome.
>
> -Nilkanth.
>