[jira] [Commented] (GEODE-6994) Documentation for OQL Method Invocation Security

Fri, 29 Nov 2019 04:56:07 -0800 


    [ 
https://issues.apache.org/jira/browse/GEODE-6994?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16984994#comment-16984994
 ] 

ASF subversion and git services commented on GEODE-6994:
--------------------------------------------------------

Commit 081f5cb2eac66297e8b59e5aa42d25639aafc8eb in geode's branch 
refs/heads/develop from Juan José Ramos
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=081f5cb ]

GEODE-6994: OQL Add Method Invocation Security Docs (#4325)

- Added 'build-docs-output.txt' to list of git ignored files.
- Fixed the 'Authorization Overview' page to reflect new directory
  layout and removed deprecated examples.
- Added example to illustrate how the 'MethodInvocationAuthorizer'
  can be used to implement a custom authorization mechanism.
- Added comprehensive documentation about the OQL Method Invocation
  Security feature, pros and cons, how it can it customized and
  configured, etcetera.
- Added warning note about changing the authorizer when CQs are
  running in the cluster.

> Documentation for OQL Method Invocation Security
> ------------------------------------------------
>
>                 Key: GEODE-6994
>                 URL: https://issues.apache.org/jira/browse/GEODE-6994
>             Project: Geode
>          Issue Type: New Feature
>          Components: docs
>            Reporter: Juan Ramos
>            Assignee: Juan Ramos
>            Priority: Major
>              Labels: GeodeCommons
>          Time Spent: 7h
>  Remaining Estimate: 0h
>
> Delete the [Method Invocations 
> Section|https://github.com/apache/geode/blob/rel/v1.9.0/geode-docs/developing/query_select/the_where_clause.html.md.erb#L238-L262]
>  and add a new page, on which detailed documentation should be added about 
> the following:
> * The new _OQL Method Invocation Security feature_.
> * How to configure the new _OQL Method Invocation Security feature_.
> * Each Out of Box Implementation: pros, cons and *_security risks_* 
> associated with each one (check the table within the 
> [Introduction|https://cwiki.apache.org/confluence/display/GEODE/OQL+Method+Invocation+Security#OQLMethodInvocationSecurity-Summary]
>  for details).
> * Interface {{MethodInvocationAuthorizer}} and how/when the user needs to 
> provide its own. Requirement about the thread-safety and performance of the 
> implementation.
> * Deprecation of the system property 
> {{QueryService.allowUntrustedMethodInvocation}} and how it can be replaced by 
> one of the Out of Box Implementations.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to