THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Copy the above "security.json" file into locator's directory (locator1 in the example below) or make it available on the classpath using the --classpath option while starting the locator.
Using gfsh, start a locator with security activated.
Code Block language bash gfsh> start locator --name=locator1 \ --J=-Dgemfire.security-manager=org.apache.geode.security.templates.SampleSecurityManager --classpath=.
Similarly, start a server
Code Block gfsh> start server --name=server1 --locators=localhost[10334] \ --J=-Dgemfire.security-manager=org.apache.geode.security.templates.SampleSecurityManager --classpath=.
Start a new instance of gfsh and connect with one of the users defined in your JSON file. The super-user should be allowed to do everything in gfsh.
Code Block gfsh> connect --locators=localhost[10334] --user=super-user --password=1234567
Disconnect and reconnect with a user with lesser privileges:
Code Block gfsh> disconnect gfsh> connect --locators=localhost[10334] --user=joebloggs --password=1234567 gfsh> stop server --name=server1 An error occurred while attempting to stop a Cache Server: Subject does not have permission [CLUSTER:READ]
- Currently, changes to the security.json file require the locator to be restarted.
...