I would be hesitant to abort the startup of the cluster entirely because this can put people in situations where their whole cluster is held hostage by a feature they're not particularly invested in. Since our default settings are to restrict access to methods I would think that a cluster starting with the wrong authorizer due to a bug or user error could be fixed by using our gfsh command (or other methods in the future) to set the authorizer to the one they intended is preferable to a cluster failing to start. In the past this is how I've seen errors like this handled in cases such as the datasources loaded from cluster config which were used by the JDBC connector, and although this is a security related setting we default to high security rather than low security so I don't see that being an issue.
[ Full content available at: https://github.com/apache/geode/pull/4161 ] This message was relayed via gitbox.apache.org for [email protected]
