[ https://issues.apache.org/jira/browse/GEODE-9547?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dan Smith updated GEODE-9547: ----------------------------- Description: Every Redis Command/API invocation must be authorized against the customer provided Security Manager. The SecurityManager.authorize method must be called for every Redis API call using the principal returned by the SecurityManager.authenticate method during the authentication process. The ResourcePermission passed to the authorize method should be the same for all operations. The actual permission string is TBD - perhaps DATA:WRITE:REDIS_DATA ?? In the future we may provide more fine grained support with different ResourcePermissions for different redis operations. +Acceptance Criteria+ TBD was: Every Redis Command/API invocation must be authorized against the customer provided Security Manager. The SecurityManager.authorize method must be called for every Redis API call using the principal returned by the SecurityManager.authenticate method during the authentication process. The ResourcePermission passed to the authorize method should be the same for all operations. The actual permission string is TBD - perhaps DATA:*:GEODE_FOR_REDIS_DATA ?? In the future we may provide more find grained support with different ResourcePermissions for different redis operations. +Acceptance Criteria+ TBD > Enable Redis Server to Authorize Using Security Manager > ------------------------------------------------------- > > Key: GEODE-9547 > URL: https://issues.apache.org/jira/browse/GEODE-9547 > Project: Geode > Issue Type: New Feature > Reporter: Wayne > Priority: Major > > Every Redis Command/API invocation must be authorized against the customer > provided Security Manager. > > The SecurityManager.authorize method must be called for every Redis API call > using the principal returned by the SecurityManager.authenticate method > during the authentication process. > The ResourcePermission passed to the authorize method should be the same for > all operations. The actual permission string is TBD - perhaps > DATA:WRITE:REDIS_DATA ?? In the future we may provide more fine grained > support with different ResourcePermissions for different redis operations. > +Acceptance Criteria+ > TBD > -- This message was sent by Atlassian Jira (v8.3.4#803005)