Geode is introducing additional security features which allow finer grained control for JMX operations as well as GFSH commands. This page describes those changes and new functionality which has been introduced.
- All Resources are enumerated via the enum
OperationContext.Resource.
- All OperationCodes are enumerated via the enum
OperationContext.OperationCode.
- All of the existing
OperationContext.is*
methods have been deprecated in favor of testing against the relevant enums. - The resource and operation code, for a given context, can be retrieved using
OperationContext.getResource
andOperationContext.getOperationCode
respectively. Existing code, implementing AccessControl, would have needed to check the type of the OperationContext as passed into the
authorizeOperation
method. This is still possible, however it will now be easier to achieve the same functionality by simply checking the Resource and OperationCode of the context. For example, existing code might have looked like this:
functionality is automatically activated when the Geode properties security-client-authenticator
and security-client-accessor
are set.
Permissions are designed to be noun-verby and are in the form of RESOURCE:OPERATION[:REGION] tuples. The following values are valid:
Resource
- CLUSTER
- DATA
Operation
1. No changes for existing implementations of Authenticator and AccessControl for client-server security
The API for authentication and authorization has not changed. However, in order to authorize and secure JMX and GFSH operations, existing implementations will need to be modified.
2. Introduction of Resource and OperationCode
The notion of a permission in the form of a noun (Resource) and verb (OperationCode) is being introduced. This will typically be represented as a colon-separated tuple in the form of RESOURCE:OPERATION_CODE. In some cases, permissions are also applicable to regions; in such cases the permission would be in the form RESOURCE:OPERATION_CODE:REGION. Currently the following have been defined:
Resource
- CLUSTER
- DATA
Operation
- MANAGE
- READ
- WRITE
- CLOSE_CQ
- CONTAINS_KEY
- DESTROY
- EXECUTE_CQ
- EXECUTE_FUNCTION
GET
- GET_DURABLE_CQS
- INVALIDATE
- KEY_SET
PUT
PUTALL
- QUERY
REGION_CLEAR
REGION_CREATE
REGION_DESTROY
REGISTER_INTEREST
REMOVEALL
- STOP_CQ
UNREGISTER_INTEREST
Operations in RED refer to existing client-server operations.
3. Expanded functionality for OperationContext
dsaas
All Resources are enumerated via the enum OperationContext.Resource.
All OperationCodes are enumerated via the enum OperationContext.OperationCode.
All of the existing OperationContext.is*
methods have been deprecated in favor of testing against the relevant enums.
The resource and operation code, for a given context, can be retrieved using OperationContext.getResource
and OperationContext.getOperationCode
respectively.
Existing code, implementing AccessControl, would have needed to check the type of the OperationContext as passed into the authorizeOperation
method. This is still possible, however it will now be easier to achieve the same functionality by simply checking the Resource and OperationCode of the context. For example, existing code might have looked like this:
functionality is automatically activated when the Geode properties security-client-authenticator
and security-client-accessor
are set.
Permissions are designed to be noun-verby and are in the form of RESOURCE:OPERATION[:REGION] tuples. The following values are valid:
Resource
- CLUSTER
- DATA
Operation
- MANAGE
- READ
- WRITE
- CLOSE_CQ
- CONTAINS_KEY
- DESTROY
- EXECUTE_CQ
- EXECUTE_FUNCTION
GET
- GET_DURABLE_CQS
- INVALIDATE
- KEY_SET
PUT
PUTALL
- QUERY
REGION_CLEAR
REGION_CREATE
REGION_DESTROY
REGISTER_INTEREST
REMOVEALL
- STOP_CQ
UNREGISTER_INTEREST
- MANAGE
- READ
- WRITE
At the end of this document is a reference list of all JMX and GFSH operations with their corresponding permissions.
...