This is an automated email from the ASF dual-hosted git repository.
jinwoo pushed a commit to branch support/1.15
in repository https://gitbox.apache.org/repos/asf/geode.git
The following commit(s) were added to refs/heads/support/1.15 by this push:
new 4581a400f2 Document update - Security section (#7920)
4581a400f2 is described below
commit 4581a400f26d8b3baffc613dd73d4c6224e1fd9d
Author: kaajaln2 <[email protected]>
AuthorDate: Thu Sep 4 11:10:50 2025 -0400
Document update - Security section (#7920)
* Document update - Security section – Added the Security Model statement
to the Security section and repositioned the entire section to the top-level
hierarchy of the document for improved visibility.
Also added a link to the security pages in the “Apache Geode is 15 or Less”
section to enhance accessibility to related resources.
* Fixed based on review - Links called directly. Fixed indentation issue.
Fixed broken links.
(cherry picked from commit 7962e2cb65a44473f789366a2b4ffcba338a9064)
---
.../source/subnavs/geode-subnav.erb | 174 +++++++++++----------
.../the_cache/managing_a_secure_cache.html.md.erb | 4 +-
.../cluster_config/gfsh_remote.html.md.erb | 2 +-
.../function_exec/function_execution.html.md.erb | 2 +-
.../how_function_execution_works.html.md.erb | 2 +-
.../query_select/the_where_clause.html.md.erb | 6 +-
.../15_minute_quickstart_gfsh.html.md.erb | 8 +-
geode-docs/managing/book_intro.html.md.erb | 5 -
.../management/jmx_manager_node.html.md.erb | 2 +-
.../slow_receivers_managing.html.md.erb | 2 +-
.../log_messages_and_solutions.html.md.erb | 2 +-
geode-docs/rest_apps/setup_config.html.md.erb | 2 +-
.../security/authentication_examples.html.md.erb | 0
.../security/authentication_overview.html.md.erb | 0
.../security/authorization_example.html.md.erb | 0
.../security/authorization_overview.html.md.erb | 0
.../security/chapter_overview.html.md.erb | 11 +-
.../security/enable_security.html.md.erb | 2 +-
.../implementing_authentication.html.md.erb | 0
.../implementing_authentication_expiry.html.md.erb | 0
.../implementing_authorization.html.md.erb | 2 +-
.../security/implementing_security.html.md.erb | 0
.../security/implementing_ssl.html.md.erb | 4 +-
.../method_invocation_authorizers.html.md.erb | 4 +-
.../security/post_processing.html.md.erb | 2 +-
.../security/properties_file.html.md.erb | 0
.../security/security-audit.html.md.erb | 6 +-
.../security/security_audit_overview.html.md.erb | 0
geode-docs/security/security_model.html.md.erb | 35 +++++
.../security/ssl_example.html.md.erb | 0
.../security/ssl_overview.html.md.erb | 2 +-
.../tools_modules/pulse/pulse-auth.html.md.erb | 2 +-
32 files changed, 160 insertions(+), 121 deletions(-)
diff --git a/geode-book/master_middleman/source/subnavs/geode-subnav.erb
b/geode-book/master_middleman/source/subnavs/geode-subnav.erb
index 018b6213fb..b775901391 100644
--- a/geode-book/master_middleman/source/subnavs/geode-subnav.erb
+++ b/geode-book/master_middleman/source/subnavs/geode-subnav.erb
@@ -23,7 +23,7 @@ limitations under the License.
<li>
<a
href="/docs/guide/<%=vars.product_version_nodot%>/about_geode.html">Apache
Geode Documentation</a>
</li>
- <li class="has_submenu">
+ <li class="has_submenu">
<a
href="/docs/guide/<%=vars.product_version_nodot%>/getting_started/book_intro.html">Getting
Started with Apache Geode</a>
<ul>
<li>
@@ -77,6 +77,94 @@ limitations under the License.
</li>
</ul>
</li>
+ <li class="has_submenu">
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/chapter_overview.html">Security</a>
+ <ul>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/security_model.html">Security
Model</a>
+ </li>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/implementing_security.html">Security
Implementation Introduction and Overview</a>
+ </li>
+ <li class="has_submenu">
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/security_audit_overview.html">Security
Detail Considerations</a>
+ <ul>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/security-audit.html">External
Interfaces, Ports, and Services</a>
+ </li>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/security-audit.html#topic_263072624B8D4CDBAD18B82E07AA44B6">Resources
That Must Be Protected</a>
+ </li>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/security-audit.html#topic_5B6DF783A14241399DC25C6EE8D0048A">Log
File Locations</a>
+ </li>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/properties_file.html">Where
to Place Security Configuration Settings</a>
+ </li>
+ </ul>
+ </li>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/enable_security.html">Enable
Security with Property Definitions</a>
+ </li>
+ <li class="has_submenu">
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/authentication_overview.html">Authentication</a>
+ <ul>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/implementing_authentication.html">Implementing
Authentication</a>
+ </li>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/authentication_examples.html">Authentication
Example</a>
+ </li>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/implementing_authentication_expiry.html">Implementing
Authentication Expiry</a>
+ </li>
+ </ul>
+ </li>
+ <li class="has_submenu">
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/authorization_overview.html">Authorization</a>
+ <ul>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/implementing_authorization.html">Implementing
Authorization</a>
+ </li>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/method_invocation_authorizers.html">Method
Invocation Authorizers</a>
+ </li>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/authorization_example.html">Authorization
Examples</a>
+ </li>
+ </ul>
+ </li>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/post_processing.html">Post
Processing of Region Data</a>
+ </li>
+ <li class="has_submenu">
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/ssl_overview.html">SSL</a>
+ <ul>
+ <li class="has_submenu">
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/implementing_ssl.html">Configuring
SSL</a>
+ <ul>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/implementing_ssl.html#ssl_configurable_components">SSL-Configurable
Components</a>
+ </li>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/implementing_ssl.html#ssl_configuration_properties">SSL
Configuration Properties</a>
+ </li>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/implementing_ssl.html#ssl_property_reference_tables">SSL
Property Reference Tables</a>
+ </li>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/implementing_ssl.html#implementing_ssl__sec_ssl_impl_proc">Procedure</a>
+ </li>
+ </ul>
+ </li>
+ <li>
+ <a
href="/docs/guide/<%=vars.product_version_nodot%>/security/ssl_example.html">SSL
Sample Implementation</a>
+ </li>
+ </ul>
+ </li>
+ </ul>
+ </li>
+
<li class="has_submenu">
<a
href="/docs/guide/<%=vars.product_version_nodot%>/configuring/chapter_overview.html">Configuring
and Running a Cluster</a>
<ul>
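Review bot: The bare `+` line added after the closing `</li>` of the new Security entry, just before "Configuring and Running a Cluster", introduces a blank line between top-level entries that no other sibling in this file has (the new block itself starts directly after the preceding `</li>`). Drop it so the moved block differs from the removed one only by the new "Security Model" item and the `managing/` prefix.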
@@ -587,90 +675,6 @@ limitations under the License.
</li>
</ul>
</li>
- <li class="has_submenu">
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/chapter_overview.html">Security</a>
- <ul>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/implementing_security.html">Security
Implementation Introduction and Overview</a>
- </li>
- <li class="has_submenu">
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/security_audit_overview.html">Security
Detail Considerations</a>
- <ul>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/security-audit.html">External
Interfaces, Ports, and Services</a>
- </li>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/security-audit.html#topic_263072624B8D4CDBAD18B82E07AA44B6">Resources
That Must Be Protected</a>
- </li>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/security-audit.html#topic_5B6DF783A14241399DC25C6EE8D0048A">Log
File Locations</a>
- </li>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/properties_file.html">Where
to Place Security Configuration Settings</a>
- </li>
- </ul>
- </li>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/enable_security.html">Enable
Security with Property Definitions</a>
- </li>
- <li class="has_submenu">
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/authentication_overview.html">Authentication</a>
- <ul>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/implementing_authentication.html">Implementing
Authentication</a>
- </li>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/authentication_examples.html">Authentication
Example</a>
- </li>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/implementing_authentication_expiry.html">Implementing
Authentication Expiry</a>
- </li>
- </ul>
- </li>
- <li class="has_submenu">
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/authorization_overview.html">Authorization</a>
- <ul>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/implementing_authorization.html">Implementing
Authorization</a>
- </li>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/method_invocation_authorizers.html">Method
Invocation Authorizers</a>
- </li>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/authorization_example.html">Authorization
Examples</a>
- </li>
- </ul>
- </li>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/post_processing.html">Post
Processing of Region Data</a>
- </li>
- <li class="has_submenu">
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/ssl_overview.html">SSL</a>
- <ul>
- <li class="has_submenu">
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/implementing_ssl.html">Configuring
SSL</a>
- <ul>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/implementing_ssl.html#ssl_configurable_components">SSL-Configurable
Components</a>
- </li>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/implementing_ssl.html#ssl_configuration_properties">SSL
Configuration Properties</a>
- </li>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/implementing_ssl.html#ssl_property_reference_tables">SSL
Property Reference Tables</a>
- </li>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/implementing_ssl.html#implementing_ssl__sec_ssl_impl_proc">Procedure</a>
- </li>
- </ul>
- </li>
- <li>
- <a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/security/ssl_example.html">SSL
Sample Implementation</a>
- </li>
- </ul>
- </li>
- </ul>
- </li>
<li class="has_submenu">
<a
href="/docs/guide/<%=vars.product_version_nodot%>/managing/monitor_tune/chapter_overview.html">Performance
Tuning and Configuration</a>
<ul>
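Review bot: Every `/managing/security/...` href removed here stops being a published path once the files are renamed to `geode-docs/security/`, so existing bookmarks and external links to pages such as `managing/security/implementing_ssl.html` will break unless redirects exist. Please confirm redirects from the old paths are in place, or add them alongside this change.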
diff --git
a/geode-docs/basic_config/the_cache/managing_a_secure_cache.html.md.erb
b/geode-docs/basic_config/the_cache/managing_a_secure_cache.html.md.erb
index d130720f00..3f0164c9fc 100644
--- a/geode-docs/basic_config/the_cache/managing_a_secure_cache.html.md.erb
+++ b/geode-docs/basic_config/the_cache/managing_a_secure_cache.html.md.erb
@@ -24,7 +24,7 @@ and authorization prior to cache operations.
Client apps and cluster members (servers and locators) require
configuration and setup when the `SecurityManager` is enabled.
-See the section on [Security](../../managing/security/chapter_overview.html)
+See the section on [Security](../../security/chapter_overview.html)
for details.
For authentication, see
-[Implementing
Authentication](../../managing/security/implementing_authentication.html).
+[Implementing Authentication](../../security/implementing_authentication.html).
diff --git a/geode-docs/configuring/cluster_config/gfsh_remote.html.md.erb
b/geode-docs/configuring/cluster_config/gfsh_remote.html.md.erb
index 51472a25a8..dd2e0779c6 100644
--- a/geode-docs/configuring/cluster_config/gfsh_remote.html.md.erb
+++ b/geode-docs/configuring/cluster_config/gfsh_remote.html.md.erb
@@ -70,7 +70,7 @@ To connect `gfsh` using the HTTP protocol to a remote cluster:
To configure SSL for the remote connection (HTTPS), enable SSL for the `http`
component
in <span class="ph filepath">gemfire.properties</span> or <span class="ph
filepath">gfsecurity-properties</span> or upon server startup. See
-[SSL](../../managing/security/ssl_overview.html) for details on configuring
SSL parameters. These
+[SSL](../../security/ssl_overview.html) for details on configuring SSL
parameters. These
SSL parameters also apply to all HTTP services hosted on the configured JMX
Manager, which can
include the following:
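Review bot: The context line directly above the changed SSL link names the file `gfsecurity-properties`, while the equivalent sentence in rest_apps/setup_config.html.md.erb in this same commit says `gfsecurity.properties`. Since this paragraph is being touched anyway, correct the hyphen to a dot so readers are not sent looking for a file that does not exist.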
diff --git a/geode-docs/developing/function_exec/function_execution.html.md.erb
b/geode-docs/developing/function_exec/function_execution.html.md.erb
index 173327003f..051e254747 100644
--- a/geode-docs/developing/function_exec/function_execution.html.md.erb
+++ b/geode-docs/developing/function_exec/function_execution.html.md.erb
@@ -44,7 +44,7 @@ Code the methods you need for the function. These steps do
not have to be done i
- If the function should be run with an authorization level other than
the default of `DATA:WRITE`,
implement an override of the `Function.getRequiredPermissions()` method.
-See [Authorization of Function
Execution](../../managing/security/implementing_authorization.html#AuthorizeFcnExecution)
for details on this method.
+See [Authorization of Function
Execution](../../security/implementing_authorization.html#AuthorizeFcnExecution)
for details on this method.
- Code the `execute` method to perform the work of the function.
1. Make `execute` thread safe to accommodate simultaneous invocations.
2. For high availability, code `execute` to accommodate multiple
identical calls to the function. Use the `RegionFunctionContext`
`isPossibleDuplicate` to determine whether the call may be a high-availability
re-execution. This boolean is set to true on execution failure and is false
otherwise.
diff --git
a/geode-docs/developing/function_exec/how_function_execution_works.html.md.erb
b/geode-docs/developing/function_exec/how_function_execution_works.html.md.erb
index 834db7aeaf..a64a0f4a52 100644
---
a/geode-docs/developing/function_exec/how_function_execution_works.html.md.erb
+++
b/geode-docs/developing/function_exec/how_function_execution_works.html.md.erb
@@ -44,7 +44,7 @@ a check is made to see that that caller is authorized to
execute
the function.
The required permissions for authorization are provided by
the function's `Function.getRequiredPermissions()` method.
-See [Authorization of Function
Execution](../../managing/security/implementing_authorization.html#AuthorizeFcnExecution)
for a discussion of this method.
+See [Authorization of Function
Execution](../../security/implementing_authorization.html#AuthorizeFcnExecution)
for a discussion of this method.
2. Given successful authorization,
<%=vars.product_name%> invokes the function on all members where it
needs to run. The locations are determined by the `FunctionService` `on*`
diff --git a/geode-docs/developing/query_select/the_where_clause.html.md.erb
b/geode-docs/developing/query_select/the_where_clause.html.md.erb
index 64b7905b72..a5b743b509 100644
--- a/geode-docs/developing/query_select/the_where_clause.html.md.erb
+++ b/geode-docs/developing/query_select/the_where_clause.html.md.erb
@@ -241,12 +241,12 @@ When a `null` argument is used, if the query processor
cannot determine the prop
**Methods calls with the `SecurityManager` enabled**
-When the `SecurityManager` is enabled, by default <%=vars.product_name%>
throws a `NotAuthorizedException` when any method that does not belong to the
to the list of default allowed methods, given in
[RestrictedMethodAuthorizer](../../managing/security/method_invocation_authorizers.html#restrictedMethodAuthorizer),
is invoked.
+When the `SecurityManager` is enabled, by default <%=vars.product_name%>
throws a `NotAuthorizedException` when any method that does not belong to the
to the list of default allowed methods, given in
[RestrictedMethodAuthorizer](../../security/method_invocation_authorizers.html#restrictedMethodAuthorizer),
is invoked.
-In order to further customize this authorization check, see [Changing the
Method
Authorizer](../../managing/security/method_invocation_authorizers.html#changing_method_authorizer).
+In order to further customize this authorization check, see [Changing the
Method
Authorizer](../../security/method_invocation_authorizers.html#changing_method_authorizer).
In the past you could use the system property
`gemfire.QueryService.allowUntrustedMethodInvocation` to disable the check
altogether, but this approach is deprecated and will be removed in future
releases;
-you need to configure the
[UnrestrictedMethodAuthorizer](../../managing/security/method_invocation_authorizers.html#unrestrictedMethodAuthorizer)
instead.
+you need to configure the
[UnrestrictedMethodAuthorizer](../../security/method_invocation_authorizers.html#unrestrictedMethodAuthorizer)
instead.
## <a id="the_where_clause__section_59E7D64746AE495D942F2F09EF7DB9B5"
class="no-quick-link"></a>Enum Objects
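Review bot: The rewritten sentence about `NotAuthorizedException` still carries the duplicated "to the to the list of default allowed methods" from the old line. As the line is being replaced for the link fix, change it to "does not belong to the list of default allowed methods"; the bold heading "Methods calls with the `SecurityManager` enabled" above it could become "Method calls" at the same time.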
diff --git a/geode-docs/getting_started/15_minute_quickstart_gfsh.html.md.erb
b/geode-docs/getting_started/15_minute_quickstart_gfsh.html.md.erb
index 9a7c659424..bcf3700a84 100644
--- a/geode-docs/getting_started/15_minute_quickstart_gfsh.html.md.erb
+++ b/geode-docs/getting_started/15_minute_quickstart_gfsh.html.md.erb
@@ -514,6 +514,8 @@ To shut down your cluster, do the following:
Here are some suggestions on what to explore next with
<%=vars.product_name_long%>:
-- Continue reading the next section to learn more about the components and
concepts that were just introduced.
-- To get more practice using `gfsh`, see [Tutorial—Performing Common Tasks
with
gfsh](../tools_modules/gfsh/tour_of_gfsh.html#concept_0B7DE9DEC1524ED0897C144EE1B83A34).
-- To learn about the cluster configuration service, see [Tutorial—Creating
and Using a Cluster
Configuration](../configuring/cluster_config/persisting_configurations.html#task_bt3_z1v_dl).
+- To ensure that your Geode instances are secure, see:
[Security](../security/chapter_overview.html).
+- To get more practice using `gfsh`, see [Tutorial—Performing Common Tasks
with
gfsh](../tools_modules/gfsh/tour_of_gfsh.html#concept_0B7DE9DEC1524ED0897C144EE1B83A34).
+- To learn about the cluster configuration service, see [Tutorial—Creating and
Using a Cluster
Configuration](../configuring/cluster_config/persisting_configurations.html#task_bt3_z1v_dl).
+- Continue reading the next section to learn more about the components and
concepts that were just introduced.
+
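Review bot: The new first bullet hardcodes "Geode" and uses "see:" with a colon, whereas the surrounding text uses `<%=vars.product_name_long%>` and the other bullets use "see [link]" without a colon. Use the product-name variable and match the existing punctuation, and drop the trailing empty `+` line at the end of the file unless it is intentional.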
diff --git a/geode-docs/managing/book_intro.html.md.erb
b/geode-docs/managing/book_intro.html.md.erb
index 4c734fbe79..7ca8b1e558 100644
--- a/geode-docs/managing/book_intro.html.md.erb
+++ b/geode-docs/managing/book_intro.html.md.erb
@@ -43,11 +43,6 @@ limitations under the License.
<%=vars.product_name_long%> architecture and management features help
detect and resolve network partition problems.
-- **[Security](security/chapter_overview.html)**
-
- The security framework establishes trust by authenticating components
- and members upon connection. It facilitates the authorization of
operations.
-
- **[Performance Tuning and
Configuration](monitor_tune/chapter_overview.html)**
A collection of tools and controls allow you to monitor and adjust
<%=vars.product_name_long%> performance.
diff --git a/geode-docs/managing/management/jmx_manager_node.html.md.erb
b/geode-docs/managing/management/jmx_manager_node.html.md.erb
index 9054e3ebe9..843ef6d090 100644
--- a/geode-docs/managing/management/jmx_manager_node.html.md.erb
+++ b/geode-docs/managing/management/jmx_manager_node.html.md.erb
@@ -25,7 +25,7 @@ Any member can host an embedded JMX Manager, which provides a
federated view of
You need to have a JMX Manager started in your cluster in order to use
<%=vars.product_name%> management and monitoring tools such as
[gfsh](../../tools_modules/gfsh/chapter_overview.html) and
[<%=vars.product_name%> Pulse](../../tools_modules/pulse/pulse-overview.html).
-To create MBeans, a Security Manager must be enabled. See [Enable Security
with Property Definitions](../security/enable_security.html) for more
information.
+To create MBeans, a Security Manager must be enabled. See [Enable Security
with Property Definitions](../../security/enable_security.html) for more
information.
**Note:**
Each node that acts as the JMX Manager has additional memory requirements
depending on the number of resources that it is managing and monitoring. Being
a JMX Manager can increase the memory footprint of any process, including
locator processes. See [Memory Requirements for Cached
Data](../../reference/topics/memory_requirements_for_cache_data.html#calculating_memory_requirements)
for more information on calculating memory overhead on your
<%=vars.product_name%> processes.
diff --git
a/geode-docs/managing/monitor_tune/slow_receivers_managing.html.md.erb
b/geode-docs/managing/monitor_tune/slow_receivers_managing.html.md.erb
index d713cca69e..ac9937e818 100644
--- a/geode-docs/managing/monitor_tune/slow_receivers_managing.html.md.erb
+++ b/geode-docs/managing/monitor_tune/slow_receivers_managing.html.md.erb
@@ -42,7 +42,7 @@ You can configure your consumer members so their messages are
queued separately
The specifications for handling slow receipt primarily affect how your members
manage distribution for regions with distributed-no-ack scope, where
distribution is asynchronous, but the specifications can affect other
distributed scopes as well. If no regions have distributed-no-ack scope, the
mechanism is unlikely to kick in at all. When slow receipt handling does kick
in, however, it affects all distribution between the producer and that
consumer, regardless of scope.
**Note:**
-These slow receiver options are disabled in systems using SSL. See
[SSL](../security/ssl_overview.html).
+These slow receiver options are disabled in systems using SSL. See
[SSL](../../security/ssl_overview.html).
Each consumer member determines how its own slow behavior is to be handled by
its producers. The settings are specified as distributed system connection
properties. This section describes the settings and lists the associated
properties.
diff --git
a/geode-docs/managing/troubleshooting/log_messages_and_solutions.html.md.erb
b/geode-docs/managing/troubleshooting/log_messages_and_solutions.html.md.erb
index b4837c4663..e7e91616f9 100644
--- a/geode-docs/managing/troubleshooting/log_messages_and_solutions.html.md.erb
+++ b/geode-docs/managing/troubleshooting/log_messages_and_solutions.html.md.erb
@@ -22,7 +22,7 @@ limitations under the License.
This section provides explanations of <%=vars.product_name%> Log messages
with potential resolutions.
Depending on how your system is configured, log files can be found in a number
of locations.
-See [Log File
Locations](../security/security-audit.html#topic_5B6DF783A14241399DC25C6EE8D0048A)
and
+See [Log File
Locations](../../security/security-audit.html#topic_5B6DF783A14241399DC25C6EE8D0048A)
and
[Naming, Searching, and Creating Log
Files](../logging/logging_whats_next.html) for more information.
## <a id="aboveheapevictionthreshold"></a>above heap eviction threshold
diff --git a/geode-docs/rest_apps/setup_config.html.md.erb
b/geode-docs/rest_apps/setup_config.html.md.erb
index 312b198ed7..acb6b125fb 100644
--- a/geode-docs/rest_apps/setup_config.html.md.erb
+++ b/geode-docs/rest_apps/setup_config.html.md.erb
@@ -53,7 +53,7 @@ the REST API service (as well as the other embedded web
services, such as Pulse)
You can configure the Developer REST API service to run over HTTPS by enabling
SSL for the `http`
component in `gemfire.properties` or `gfsecurity.properties`, or on server
startup. See
-[SSL](../managing/security/ssl_overview.html) for details on configuring SSL
parameters. These SSL
+[SSL](../security/ssl_overview.html) for details on configuring SSL
parameters. These SSL
parameters apply to all HTTP services hosted on the configured server, which
can include the
following:
diff --git a/geode-docs/managing/security/authentication_examples.html.md.erb
b/geode-docs/security/authentication_examples.html.md.erb
similarity index 100%
rename from geode-docs/managing/security/authentication_examples.html.md.erb
rename to geode-docs/security/authentication_examples.html.md.erb
diff --git a/geode-docs/managing/security/authentication_overview.html.md.erb
b/geode-docs/security/authentication_overview.html.md.erb
similarity index 100%
rename from geode-docs/managing/security/authentication_overview.html.md.erb
rename to geode-docs/security/authentication_overview.html.md.erb
diff --git a/geode-docs/managing/security/authorization_example.html.md.erb
b/geode-docs/security/authorization_example.html.md.erb
similarity index 100%
rename from geode-docs/managing/security/authorization_example.html.md.erb
rename to geode-docs/security/authorization_example.html.md.erb
diff --git a/geode-docs/managing/security/authorization_overview.html.md.erb
b/geode-docs/security/authorization_overview.html.md.erb
similarity index 100%
rename from geode-docs/managing/security/authorization_overview.html.md.erb
rename to geode-docs/security/authorization_overview.html.md.erb
diff --git a/geode-docs/managing/security/chapter_overview.html.md.erb
b/geode-docs/security/chapter_overview.html.md.erb
similarity index 78%
rename from geode-docs/managing/security/chapter_overview.html.md.erb
rename to geode-docs/security/chapter_overview.html.md.erb
index 0ba3264b40..f75376d6f2 100644
--- a/geode-docs/managing/security/chapter_overview.html.md.erb
+++ b/geode-docs/security/chapter_overview.html.md.erb
@@ -21,6 +21,10 @@ limitations under the License.
The security framework permits authentication of connecting components and
authorization of operations for all communicating components of the cluster.
+- **[Security Model](security_model.html)**
+
+ This section describes the security model for Apache Geode. It is intended
to help users understand how Geode controls access to information and resources
so that they can make informed decisions about how to deploy and manage Geode
clusters and clients.
+
- **[Security Implementation Introduction and
Overview](implementing_security.html)**
Encryption, SSL secure communication, authentication, and authorization
help to secure the cluster.
@@ -35,13 +39,12 @@ The security framework permits authentication of connecting
components and autho
A cluster using authentication bars malicious peers or clients, and deters
inadvertent access to its cache.
-- **[Authorization](authorization_overview.html)**
+- **[Authorization](../security/authorization_overview.html)**
Client operations on a cache server can be restricted or completely
blocked based on the roles and permissions assigned to the credentials
submitted by the client.
-- **[Post Processing of Region Data](post_processing.html)**
+- **[Post Processing of Region Data](../security/post_processing.html)**
-- **[SSL](ssl_overview.html)**
+- **[SSL](../security/ssl_overview.html)**
SSL protects your data in transit between applications.
-
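Review bot: The Authorization, Post Processing and SSL links are changed from bare sibling names to `../security/<file>.html`, but this file now lives in `geode-docs/security/`, so the extra hop leaves the directory and comes straight back. The new `security_model.html` entry and the untouched `implementing_security.html` entry in the same list use bare names; keep these three the same way so the list stays consistent and does not depend on the directory name.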
diff --git a/geode-docs/managing/security/enable_security.html.md.erb
b/geode-docs/security/enable_security.html.md.erb
similarity index 98%
rename from geode-docs/managing/security/enable_security.html.md.erb
rename to geode-docs/security/enable_security.html.md.erb
index 72b8dff5d8..efd75a67d6 100644
--- a/geode-docs/managing/security/enable_security.html.md.erb
+++ b/geode-docs/security/enable_security.html.md.erb
@@ -55,7 +55,7 @@ These are the default settings, so unless you have changed
them, cluster managem
enabled for your system, but be sure and confirm before proceeding. Some
systems that implement
cluster management for most members might include a few servers that do not
participate (for which
`--use-cluster-configuration=false`). See [Using the Cluster Configuration
-Service](../../configuring/cluster_config/gfsh_persist.html#using-the-cluster-config-svc)
for
+Service](../configuring/cluster_config/gfsh_persist.html#using-the-cluster-config-svc)
for
details.
### Apply security-manager to Non-participating Servers
diff --git
a/geode-docs/managing/security/implementing_authentication.html.md.erb
b/geode-docs/security/implementing_authentication.html.md.erb
similarity index 100%
rename from geode-docs/managing/security/implementing_authentication.html.md.erb
rename to geode-docs/security/implementing_authentication.html.md.erb
diff --git
a/geode-docs/managing/security/implementing_authentication_expiry.html.md.erb
b/geode-docs/security/implementing_authentication_expiry.html.md.erb
similarity index 100%
rename from
geode-docs/managing/security/implementing_authentication_expiry.html.md.erb
rename to geode-docs/security/implementing_authentication_expiry.html.md.erb
diff --git
a/geode-docs/managing/security/implementing_authorization.html.md.erb
b/geode-docs/security/implementing_authorization.html.md.erb
similarity index 98%
rename from geode-docs/managing/security/implementing_authorization.html.md.erb
rename to geode-docs/security/implementing_authorization.html.md.erb
index 341a838736..37dcb91739 100644
--- a/geode-docs/managing/security/implementing_authorization.html.md.erb
+++ b/geode-docs/security/implementing_authorization.html.md.erb
@@ -303,4 +303,4 @@ required of the entity that invokes an execution of the
function.
### <a id="AuthorizeMethodsInQueries" class="no-quick-link"></a>Authorization
of Methods Invoked from Queries
Enabling the `SecurityManager` affects queries by restricting the methods that
a running query may invoke.
-See [Method
Invocations](../../developing/query_select/the_where_clause.html#the_where_clause__section_D2F8D17B52B04895B672E2FCD675A676)
and [Method Invocation Authorizers](method_invocation_authorizers.html) for
details.
+See [Method
Invocations](../developing/query_select/the_where_clause.html#the_where_clause__section_D2F8D17B52B04895B672E2FCD675A676)
and [Method Invocation
Authorizers](../security/method_invocation_authorizers.html) for details.
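Review bot: In the replaced "See" sentence, the first link correctly loses one `../`, but the second link goes from `method_invocation_authorizers.html` to `../security/method_invocation_authorizers.html` even though both files sit in `geode-docs/security/`. The original bare file name still resolves after the rename and should be kept.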
diff --git a/geode-docs/managing/security/implementing_security.html.md.erb
b/geode-docs/security/implementing_security.html.md.erb
similarity index 100%
rename from geode-docs/managing/security/implementing_security.html.md.erb
rename to geode-docs/security/implementing_security.html.md.erb
diff --git a/geode-docs/managing/security/implementing_ssl.html.md.erb
b/geode-docs/security/implementing_ssl.html.md.erb
similarity index 97%
rename from geode-docs/managing/security/implementing_ssl.html.md.erb
rename to geode-docs/security/implementing_ssl.html.md.erb
index 8f797e9ab0..68a917db80 100644
--- a/geode-docs/managing/security/implementing_ssl.html.md.erb
+++ b/geode-docs/security/implementing_ssl.html.md.erb
@@ -231,8 +231,8 @@ use. For information, see the [Oracle JSSE
website](http://www.oracle.com/techne
2. Configure SSL as needed for each connection type:
1. Use locators for member discovery within the clusters and for client
discovery of
- servers. See [Configuring Peer-to-Peer
Discovery](../../topologies_and_comm/p2p_configuration/setting_up_a_p2p_system.html)
and
- [Configuring a Client/Server
System](../../topologies_and_comm/cs_configuration/setting_up_a_client_server_system.html#setting_up_a_client_server_system).
+ servers. See [Configuring Peer-to-Peer
Discovery](../topologies_and_comm/p2p_configuration/setting_up_a_p2p_system.html)
and
+ [Configuring a Client/Server
System](../topologies_and_comm/cs_configuration/setting_up_a_client_server_system.html#setting_up_a_client_server_system).
2. Configure SSL properties as necessary for different component types,
using the properties
described above. For example, to enable SSL for
diff --git
a/geode-docs/managing/security/method_invocation_authorizers.html.md.erb
b/geode-docs/security/method_invocation_authorizers.html.md.erb
similarity index 98%
rename from
geode-docs/managing/security/method_invocation_authorizers.html.md.erb
rename to geode-docs/security/method_invocation_authorizers.html.md.erb
index 8284ecc59f..2f47d3fa09 100644
--- a/geode-docs/managing/security/method_invocation_authorizers.html.md.erb
+++ b/geode-docs/security/method_invocation_authorizers.html.md.erb
@@ -74,7 +74,7 @@ Extra care should be taken, however, when configuring the
internals of some of t
The table below shows a summary of which security threats are fully addressed
by each authorizer and which ones might be exploitable, depending on how they
are configured (details are shown later for each implementation).
-<img src="../../images/threatsAddressedByEachAuthorizer.png" class="image">
+<img src="../images/threatsAddressedByEachAuthorizer.png" class="image">
### <a id="restrictedMethodAuthorizer"></a>RestrictedMethodAuthorizer
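Review bot: the `<img>` for `threatsAddressedByEachAuthorizer.png` has no `alt` attribute, and the paragraph above calls it "the table below", so the summary of which threats each authorizer addresses exists only as a picture. Since this line is being touched anyway, add `alt` text here, and consider a follow-up that converts the image into a real table so the content is searchable and readable when the image does not load.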
@@ -182,7 +182,7 @@ Complete these items to implement a custom method
authorizer.
## <a id="changing_method_authorizer"></a>Changing the Method Authorizer
You can set the `MethodInvocationAuthorizer` to be used by the query engine
through the `gfsh` command-line utility.
-In addition, you can modify the configured `MethodInvocationAuthorizer` while
members are already running by using the [alter
query-service](../../tools_modules/gfsh/command-pages/alter.html#topic_alter_query_service)
command.
+In addition, you can modify the configured `MethodInvocationAuthorizer` while
members are already running by using the [alter
query-service](../tools_modules/gfsh/command-pages/alter.html#topic_alter_query_service)
command.
It is always advisable to make these changes during periods of low activity,
though.
The following constraints apply when the `MethodInvocationAuthorizer` used by
the cluster is changed in runtime:
diff --git a/geode-docs/managing/security/post_processing.html.md.erb
b/geode-docs/security/post_processing.html.md.erb
similarity index 96%
rename from geode-docs/managing/security/post_processing.html.md.erb
rename to geode-docs/security/post_processing.html.md.erb
index c2ccc68f40..736ca11775 100644
--- a/geode-docs/managing/security/post_processing.html.md.erb
+++ b/geode-docs/security/post_processing.html.md.erb
@@ -38,7 +38,7 @@ on the identity of the requester (principal).
By default, the key and value parameters to the `processRegionValue` method
are references to the region entry.
Modify copies of these parameters to avoid changing the region entries.
-[Copy on Read
Behavior](../../basic_config/data_entries_custom_classes/copy_on_read.html)
discusses the issue.
+[Copy on Read
Behavior](../basic_config/data_entries_custom_classes/copy_on_read.html)
discusses the issue.
<!-- GEODE-2153 aims to make this possible:
A use of post processing will be to sanitize or mask out sensitive
diff --git a/geode-docs/managing/security/properties_file.html.md.erb
b/geode-docs/security/properties_file.html.md.erb
similarity index 100%
rename from geode-docs/managing/security/properties_file.html.md.erb
rename to geode-docs/security/properties_file.html.md.erb
diff --git a/geode-docs/managing/security/security-audit.html.md.erb
b/geode-docs/security/security-audit.html.md.erb
similarity index 86%
rename from geode-docs/managing/security/security-audit.html.md.erb
rename to geode-docs/security/security-audit.html.md.erb
index c5589dabc0..1f2da0f493 100644
--- a/geode-docs/managing/security/security-audit.html.md.erb
+++ b/geode-docs/security/security-audit.html.md.erb
@@ -30,7 +30,7 @@ For example:
- JMX clients (such as `gfsh` and JConsole) can connect to JMX Managers and
other manageable members on the pre-defined RMI port 1099. You can configure a
different port if necessary.
- Each gateway receiver usually has a port range where it listens for
incoming communication.
-See [Firewalls and
Ports](../../configuring/running/firewalls_ports.html#concept_5ED182BDBFFA4FAB89E3B81366EBC58E)
for the complete list of ports used by <%=vars.product_name%>, their default
values, and how to configure them if you do not want to use the default value.
+See [Firewalls and
Ports](../configuring/running/firewalls_ports.html#concept_5ED182BDBFFA4FAB89E3B81366EBC58E)
for the complete list of ports used by <%=vars.product_name%>, their default
values, and how to configure them if you do not want to use the default value.
<%=vars.product_name%> does not have any external interfaces or services that
need to be enabled or opened.
@@ -49,7 +49,7 @@ The default location of the `gemfire.properties` and
`cache.xml` configuration f
By default, the log files are located in the working directory used when you
started the corresponding processes.
-For <%=vars.product_name%> members (locators and cache servers), you can also
specify a custom working directory location when you start each process. See
[Logging](../logging/logging.html#concept_30DB86B12B454E168B80BB5A71268865) for
more details.
+For <%=vars.product_name%> members (locators and cache servers), you can also
specify a custom working directory location when you start each process. See
[Logging](../managing/logging/logging.html#concept_30DB86B12B454E168B80BB5A71268865)
for more details.
The log files are as follows:
@@ -57,7 +57,7 @@ The log files are as follows:
- `server-name.log`: Contains logging information for a cache server process.
- `gfsh-%u_%g.log`: Contains logging information of an individual `gfsh`
environment and session.
- **Note:** By default, `gfsh` session logging is disabled. To enable `gfsh`
logging, you must set the Java system property `-Dgfsh.
log-level=desired_log_level`. See [Configuring the gfsh
Environment](../../tools_modules/gfsh/configuring_gfsh.html#concept_3B9C6CE2F64841E98C33D9F6441DF487)
for more information.
+ **Note:** By default, `gfsh` session logging is disabled. To enable `gfsh`
logging, you must set the Java system property `-Dgfsh.
log-level=desired_log_level`. See [Configuring the gfsh
Environment](../tools_modules/gfsh/configuring_gfsh.html#concept_3B9C6CE2F64841E98C33D9F6441DF487)
for more information.
These log files should be readable and writable *only* by the dedicated user
who runs the servers.
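Review bot: in the `gfsh` logging note, the system property appears as `-Dgfsh.` followed by whitespace and then `log-level=desired_log_level`, on both the removed and the added line. If that whitespace is in the source and not just mail wrapping, a reader who copies it gets a broken flag. Since the line is rewritten here for the link fix, please check that it renders as the single token `-Dgfsh.log-level=desired_log_level`.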
diff --git a/geode-docs/managing/security/security_audit_overview.html.md.erb
b/geode-docs/security/security_audit_overview.html.md.erb
similarity index 100%
rename from geode-docs/managing/security/security_audit_overview.html.md.erb
rename to geode-docs/security/security_audit_overview.html.md.erb
diff --git a/geode-docs/security/security_model.html.md.erb
b/geode-docs/security/security_model.html.md.erb
new file mode 100644
index 0000000000..fc9ccafebe
--- /dev/null
+++ b/geode-docs/security/security_model.html.md.erb
@@ -0,0 +1,35 @@
+---
+title: Security Model
+---
+
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+Every component of Apache Geode is built with security considerations as a top
priority. However, certain security
+solutions require user-specific design and implementation. Geode's default
configuration combines maximum flexibility
+and performance without any input needed from the user. Because of this,
certain security measures like
+**[authentication](authentication_overview.html)**,
+**[authorization](authorization_overview.html)** and
+**[over-the-wire encryption](ssl_overview.html)**
+are absent from a default Geode installation.
+It is highly recommended that users review Geode's security capabilities and
implement them as they see fit. See the
+**[Security Implementation Introduction and
Overview](implementing_security.html)**
+to get started with Apache Geode security.
+
+Additional documentation related to security can be found on Apache Geode Wiki
+
+[Geode Security
Framework](https://cwiki.apache.org/confluence/display/GEODE/Geode+Security+Framework)
and
+[Geode Integrated
Security](https://cwiki.apache.org/confluence/display/GEODE/Geode+Integrated+Security).
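Review bot: the new page hardcodes "Apache Geode" and "Geode" throughout, while the other security pages touched in this patch use `<%=vars.product_name%>` (for example in `security-audit.html.md.erb`); use the template variable here too so the page follows the same product naming. Also, the sentence "Additional documentation related to security can be found on Apache Geode Wiki" has no closing punctuation and is separated by a blank `+` line from the two links it introduces. Suggest "on the Apache Geode Wiki:" so the links read as its continuation.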
diff --git a/geode-docs/managing/security/ssl_example.html.md.erb
b/geode-docs/security/ssl_example.html.md.erb
similarity index 100%
rename from geode-docs/managing/security/ssl_example.html.md.erb
rename to geode-docs/security/ssl_example.html.md.erb
diff --git a/geode-docs/managing/security/ssl_overview.html.md.erb
b/geode-docs/security/ssl_overview.html.md.erb
similarity index 95%
rename from geode-docs/managing/security/ssl_overview.html.md.erb
rename to geode-docs/security/ssl_overview.html.md.erb
index b6c3bca06b..7fa30463bf 100644
--- a/geode-docs/managing/security/ssl_overview.html.md.erb
+++ b/geode-docs/security/ssl_overview.html.md.erb
@@ -32,7 +32,7 @@ For the protection of data in memory or on disk,
<%=vars.product_name%> relies o
The SSL implementation ensures that only the applications identified by you
can share cluster data in transit. In this figure, the data in the visible
portion of the cluster is secured by the firewall and by security settings in
the operating system and in the JDK. The data in the disk files, for example,
is protected by the firewall and by file permissions. Using SSL for data
distribution provides secure communication between <%=vars.product_name%>
system members inside and outside the [...]
-<img src="../../images/security-5.gif"
id="how_ssl_works__image_0437E0FC3EE74FB297BE4EBCC0FD4321" class="image" />
+<img src="../images/security-5.gif"
id="how_ssl_works__image_0437E0FC3EE74FB297BE4EBCC0FD4321" class="image" />
- **[Configuring SSL](implementing_ssl.html)**
diff --git a/geode-docs/tools_modules/pulse/pulse-auth.html.md.erb
b/geode-docs/tools_modules/pulse/pulse-auth.html.md.erb
index 9b80ed8973..a7149dcb78 100644
--- a/geode-docs/tools_modules/pulse/pulse-auth.html.md.erb
+++ b/geode-docs/tools_modules/pulse/pulse-auth.html.md.erb
@@ -38,7 +38,7 @@ In embedded mode, <%=vars.product_name%> uses an embedded
Jetty server to host t
Pulse Web application. To make the embedded server use HTTPS, you must
enable the `http` SSL component in
`gemfire.properties` or `gfsecurity.properties`.
-See [SSL](../../managing/security/ssl_overview.html) for details on
configuring these parameters.
+See [SSL](../../security/ssl_overview.html) for details on configuring these
parameters.
These SSL parameters apply to all HTTP services hosted on the JMX Manager,
which includes the following: