[jira] [Commented] (GEODE-2030) Geode Security framework needs to support easier integration in SDG

Mon, 24 Oct 2016 08:56:29 -0700 

    [ 
https://issues.apache.org/jira/browse/GEODE-2030?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15602398#comment-15602398
 ] 

Jinmei Liao commented on GEODE-2030:
------------------------------------

John's email:

To make my example a bit more concrete in Geode terms... as a developer, I 
would like to have the ability to do the following...

SecurityConfigurationRepository repository = ...;

SecurityManager securityManager = new 
example.app.security.MySecurityManager(repository);

new CacheFactory()
  .set("name", "Example")
  .set("log-level", "config")
  .setSecurityManager(securityManager)
  ...
  .create();

This would be very similar to configuring a PdxSerializer using...

CacheFactory.setPdxSerializer(:PdxSerializer); [1]

In fact, having the ability to configure PDX in this manner was very 
useful/instrumental in creating a "composable" [2] PdxSerializer, in this SDG 
test class (defined here [3], configured using a Spring FactoryBean [4], and 
configuration here [5]).  As you can see, I use individual PdxSerializer for 
each application domain object type (here [6] and here [7]).  However, since 
GemFire/Geode can only accept a single PdxSerializer instance, I compose them.

All too often, I see Geode developers naively cram all the de/serialization 
logic for all their application domain objects into a single PdxSerializer 
instance.

Employing the appropriate application design patterns makes this much easier to 
configure, test and maintain.

Using a similar approach in Security would be very beneficial, IMO.


> Geode Security framework needs to support easier integration in SDG
> -------------------------------------------------------------------
>
>                 Key: GEODE-2030
>                 URL: https://issues.apache.org/jira/browse/GEODE-2030
>             Project: Geode
>          Issue Type: Bug
>            Reporter: Jinmei Liao
>
> While using gemfire properties to configure security is doable in SDG, they 
> would prefer an object based injection model to configure security. Here are 
> the two things they would need:
> 1. directly inject a Gemfire SecurityManager object into CacheFactory.
> 2. directly configure Shiro Security using their xml based configuration.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to