You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@geode.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2017/10/19 16:37:00 UTC

[jira] [Commented] (GEODE-3739) Amend current protocol Username / password to mimic the current SecurityManager implementation

    [ https://issues.apache.org/jira/browse/GEODE-3739?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16211320#comment-16211320 ] 

ASF subversion and git services commented on GEODE-3739:
--------------------------------------------------------

Commit d7ea68fd41a4db0244ed17d5a25460f18e5cd37e in geode's branch refs/heads/develop from [~WireBaron]
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=d7ea68f ]

GEODE-3739: Refactor protobuf authentication (#922)

GEODE-3739: Refactor protobuf authentication

Use the security settings to determine authentication type, remove new authentication property
Move the authentication and authorization objects out of core
Change authentication messages to use full protobuf message objects
Add and update unit tests

Signed-off-by: Sarge <md...@pivotal.io>
Signed-off-by: Brian Rowe <br...@pivotal.io>


> Amend current protocol Username / password to mimic the current SecurityManager implementation
> ----------------------------------------------------------------------------------------------
>
>                 Key: GEODE-3739
>                 URL: https://issues.apache.org/jira/browse/GEODE-3739
>             Project: Geode
>          Issue Type: Improvement
>          Components: client/server
>            Reporter: Udo Kohlmeyer
>            Assignee: Galen O'Sullivan
>
> The current implementation of the simple username password authentication has a very specific message. The SimpleUsernamePassword authentication class then processes that messages and populates very specific properties and passes that through to the SecurityManager.
> Given that the securityManager implementation is custom this approach is very limiting. The new implementation would need to better mimic the generic properties that are passed through without having to manually set any properties.
> A suggestion is to use a more generic Properties-based authenticator, that will take the properties that a client sets and pass them through directly to the SecurityManager without interfering with the message other than deserializing it from a hash into properties.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)