[jira] [Commented] (GEODE-9547) Enable Redis Server to Authorize Using Security Manager

["ASF subversion and git services (Jira)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/GEODE-9547?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17419450#comment-17419450 ] 

ASF subversion and git services commented on GEODE-9547:
--------------------------------------------------------

Commit 47ba499b57626a5692906603774f94871f2234b9 in geode's branch refs/heads/develop from Jens Deppe
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=47ba499 ]

GEODE-9547: Radish commands are authorized by the SecurityManager (#6883)

- A default ResourcePermission of DATA:WRITE:REDIS_DATA is used. This
  can be overridden by setting the system property
  redis.resource-permission.
- If available, every request is authorized against the SecurityManager.


> Enable Redis Server to Authorize Using Security Manager
> -------------------------------------------------------
>
>                 Key: GEODE-9547
>                 URL: https://issues.apache.org/jira/browse/GEODE-9547
>             Project: Geode
>          Issue Type: New Feature
>          Components: redis
>            Reporter: Wayne
>            Priority: Major
>              Labels: pull-request-available, redis
>             Fix For: 1.15.0
>
>
> Every Redis Command/API invocation must be authorized against the customer provided Security Manager.
>  
> The SecurityManager.authorize method must be called for every Redis API call using the principal returned by the SecurityManager.authenticate method during the authentication process.
> The ResourcePermission passed to the authorize method should be the same for all operations. The actual permission string is TBD  - perhaps DATA:WRITE:REDIS_DATA ?? In the future we may provide more fine grained support with different ResourcePermissions for different redis operations.
> +Acceptance Criteria+
> TBD
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)