You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by rv...@apache.org on 2016/09/30 00:33:19 UTC

[12/50] [abbrv] incubator-geode git commit: Security - moved overview to top of section.

Security - moved overview to top of section.


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/7c8acc58
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/7c8acc58
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/7c8acc58

Branch: refs/staging/docs-grant1
Commit: 7c8acc589fd57fb523109adf41a9198515b1a82c
Parents: bce4a11
Author: Dave Barnes <db...@pivotal.io>
Authored: Fri Sep 2 15:58:14 2016 -0700
Committer: Dave Barnes <db...@pivotal.io>
Committed: Fri Sep 2 15:58:14 2016 -0700

----------------------------------------------------------------------
 managing/security/chapter_overview.html.md.erb            | 8 ++++----
 managing/security/implementing_authentication.html.md.erb | 3 ++-
 managing/security/implementing_security.html.md.erb       | 9 +++++----
 3 files changed, 11 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c8acc58/managing/security/chapter_overview.html.md.erb
----------------------------------------------------------------------
diff --git a/managing/security/chapter_overview.html.md.erb b/managing/security/chapter_overview.html.md.erb
index d1636a3..8b8ca63 100644
--- a/managing/security/chapter_overview.html.md.erb
+++ b/managing/security/chapter_overview.html.md.erb
@@ -4,6 +4,10 @@ title:  Security
 
 The security framework permits authentication of connecting components and authorization of operations for all communicating components of the distributed system.
 
+-   **[Security Implementation Overview](../../managing/security/implementing_security.html)**
+
+    Apache Geode can authenticate peer system members and clients. It can also authorize cache operations on a server from clients.
+
 -   **[Security Features](../../managing/security/security_intro.html)**
 
     Encryption, SSL secure communication, authentication, and authorization 
@@ -13,10 +17,6 @@ features help to secure the distributed system.
 
     This section gathers discrete details in one convenient location to better help you assess and configure the security of your environment.
 
--   **[Security Implementation Overview](../../managing/security/implementing_security.html)**
-
-    Apache Geode can authenticate peer system members and clients. It can also authorize cache operations on a server from clients.
-
 -   **[Enable Security with Property Definitions](../../managing/security/enable_security.html)**
 
 -   **[Authentication](../../managing/security/authentication_overview.html)**

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c8acc58/managing/security/implementing_authentication.html.md.erb
----------------------------------------------------------------------
diff --git a/managing/security/implementing_authentication.html.md.erb b/managing/security/implementing_authentication.html.md.erb
index 52c6114..e7ae1d1 100644
--- a/managing/security/implementing_authentication.html.md.erb
+++ b/managing/security/implementing_authentication.html.md.erb
@@ -15,9 +15,10 @@ If approved, the connection request returns a `java.security.Principal` object,
 -   Servers may be authenticated by their clients during the connection initialization.
 -   Depending on the member, the new member may in turn become an authenticator to other joining members. Members joining a system must trust that existing members are already authenticated.
 
-Locators maintain and distribute the authenticated member list. The distributed member list is also authenticated by all members, which prevents an unauthorized application from introducing itself into membership by distributing an member list that includes itself.
+Locators maintain and distribute the authenticated member list. The distributed member list is also authenticated by all members, which prevents an unauthorized application from introducing itself into membership by distributing a member list that includes itself.
 
 <img src="../../images/security-1.gif" id="how_authentication_works__image_D3AE53AB4E0441A5A078E5D07EC20C5D" class="image" />
+
 Geode authentication provides a flexible plug-in framework. Any security infrastructure can be plugged in to the system as long as the plug-ins implement the required Geode interfaces.
 ## Enable Authentication with Property Definitions
 

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c8acc58/managing/security/implementing_security.html.md.erb
----------------------------------------------------------------------
diff --git a/managing/security/implementing_security.html.md.erb b/managing/security/implementing_security.html.md.erb
index e70712b..b8122e5 100644
--- a/managing/security/implementing_security.html.md.erb
+++ b/managing/security/implementing_security.html.md.erb
@@ -6,8 +6,9 @@ Apache Geode can authenticate system members, clients, and other system
 entities. It can also individually authorize cache operations 
 for those various entities.
 
-<a id="implementing_security__section_79F6CF928E764CA294D466D0CB2E5FAC"></a>
-An overview of How it all Works
+
+## <a id="implementing_security__section_79F6CF928E764CA294D466D0CB2E5FAC" class="no-quick-link"></a>An overview of How it all Works##
+
 The security of a distributed system can be greatly enhanced by
 authenticating all system participants.
 This verifies the identity of the participants,
@@ -20,7 +21,7 @@ or administrators.
 
 Given authentication,
 isolation and access to cache data and system state can be further
-protected by implementing a authorization mechanism.
+protected by implementing an authorization mechanism.
 For example, only certain system administrators might be permitted
 to start and stop servers. 
 The authority to do this needs to be limited to specific
@@ -60,7 +61,7 @@ There are three values:
 
 - `READ` looks at data; it does not modify anything. 
 - `WRITE` modifies data. `WRITE` does not imply `READ`.
-- `MANAGE` accesses admininistrative information. `MANAGE` does not imply `WRITE`.
+- `MANAGE` accesses administrative information. `MANAGE` does not imply `WRITE`.
 
 Data read and write operations may be further applied to regions
 and specific keys within regions.