Dear all, after a mini chat on IRC, I wanted to bring this to everybody's attention.
We should make the Hot Rod endpoint require authentication in the out-of-the-box configuration. The proposal is to enable the PLAIN (or, preferably, DIGEST) SASL mechanism against the ApplicationRealm and require users to run the add-user script.

This would achieve two goals:

- secure out-of-the-box configuration, which is always a good idea
- access to the "protected" schema and script caches which is prevented when not on loopback on non-authenticated endpoints.

Tristan

--
Tristan Tarrant
Infinispan Lead
JBoss, a division of Red Hat

_______________________________________________
infinispan-dev mailing list
infinispan-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/infinispan-dev
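Added example, not part of the original message and not Infinispan code: what each of the two SASL mechanisms named above sends from client to server, assuming "DIGEST" means DIGEST-MD5 (RFC 2831). The inputs are the sample exchange from RFC 2831 section 4 (an IMAP digest-uri), not Hot Rod values.

```python
import hashlib


def _md5_hex(data: bytes) -> bytes:
    return hashlib.md5(data).hexdigest().encode()


def sasl_plain(authcid: str, password: str, authzid: str = "") -> bytes:
    """RFC 4616 PLAIN message: authzid NUL authcid NUL passwd.
    The password travels verbatim, so it is readable unless the
    connection itself is encrypted."""
    return b"\0".join(s.encode() for s in (authzid, authcid, password))


def digest_md5_response(username, realm, password, nonce, cnonce,
                        digest_uri, nc="00000001", qop="auth") -> str:
    """RFC 2831 response value for qop=auth with no authzid.
    Only this hash is sent; it is bound to the server's nonce."""
    secret = hashlib.md5(f"{username}:{realm}:{password}".encode()).digest()
    a1 = secret + f":{nonce}:{cnonce}".encode()
    a2 = f"AUTHENTICATE:{digest_uri}".encode()
    kd = (_md5_hex(a1) + f":{nonce}:{nc}:{cnonce}:{qop}:".encode()
          + _md5_hex(a2))
    return hashlib.md5(kd).hexdigest()


# Sample values from RFC 2831 section 4 (not from an Infinispan server).
RFC = dict(username="chris", realm="elwood.innosoft.com", password="secret",
           nonce="OA6MG9tEQGm2hh", cnonce="OA6MHXh6VqTrRk",
           digest_uri="imap/elwood.innosoft.com")

if __name__ == "__main__":
    print("PLAIN :", sasl_plain(RFC["username"], RFC["password"]))
    print("DIGEST:", digest_md5_response(**RFC))
    # A fresh server nonce yields a different response, so a captured
    # response cannot simply be replayed against a new challenge.
    replay = dict(RFC, nonce="constructed-new-nonce")
    print("DIGEST (new nonce):", digest_md5_response(**replay))
```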