[jira] [Commented] (GEODE-2153) PostProcessor security
[ https://issues.apache.org/jira/browse/GEODE-2153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15713172#comment-15713172 ] Hitesh Khamesra commented on GEODE-2153: I think we need to mention that how one can you use Postprocessor callback for security purpose. One can take this as the just reference implementation. > PostProcessor security > -- > > Key: GEODE-2153 > URL: https://issues.apache.org/jira/browse/GEODE-2153 > Project: Geode > Issue Type: Improvement > Components: security >Reporter: Jared Stewart > > I have started a server and locator using the sample RedactingPostProcessor > implementation. I created a /customers region and inserted a Customer: > {code} > Regionregion = connectToRegion("customers"); > Customer customer = new Customer(1L, "FirstName", "LastName", "123-456-7890"); > region.put("galen", customer); > {code} > The following query and get operation show our customer's SSN getting > redacted as expected: > {code} > Customer customerFromGet = region.get("galen"); > //{ type = com.jaredjstewart.Customer, customerId = 1, firstName = FirstName, > lastName = LastName, ssn = ** } > Object customerFromQuery = queryService.newQuery("select * from > /customers").execute(); > //{ type = com.jaredjstewart.Customer, customerId = 1, firstName = FirstName, > lastName = LastName, ssn = ** } > {code} > However, it is possible to leak information by accessing the field which is > supposed to be redacted in a where clause: > {code} > Object customer = queryService.newQuery("select c from /customers c > where c.socialSecurityNumber='123-456-7890'").execute(); > //this redacts but still leaks the vital information > {code} > It is also possible to query the field directly: > {code} > Object customerSSN = queryService.newQuery("select c.socialSecurityNumber > from /customers c").execute(); > //[123-456-7890] > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-2153) PostProcessor security
[ https://issues.apache.org/jira/browse/GEODE-2153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15707024#comment-15707024 ] Jinmei Liao commented on GEODE-2153: Either we enhance PostProcessor to include field access information, or find another way to do field level security. > PostProcessor security > -- > > Key: GEODE-2153 > URL: https://issues.apache.org/jira/browse/GEODE-2153 > Project: Geode > Issue Type: Improvement > Components: security >Reporter: Jared Stewart > > I have started a server and locator using the sample RedactingPostProcessor > implementation. I created a /customers region and inserted a Customer: > {code} > Regionregion = connectToRegion("customers"); > Customer customer = new Customer(1L, "FirstName", "LastName", "123-456-7890"); > region.put("galen", customer); > {code} > The following query and get operation show our customer's SSN getting > redacted as expected: > {code} > Customer customerFromGet = region.get("galen"); > //{ type = com.jaredjstewart.Customer, customerId = 1, firstName = FirstName, > lastName = LastName, ssn = ** } > Object customerFromQuery = queryService.newQuery("select * from > /customers").execute(); > //{ type = com.jaredjstewart.Customer, customerId = 1, firstName = FirstName, > lastName = LastName, ssn = ** } > {code} > However, it is possible to leak information by accessing the field which is > supposed to be redacted in a where clause: > {code} > Object customer = queryService.newQuery("select c from /customers c > where c.socialSecurityNumber='123-456-7890'").execute(); > //this redacts but still leaks the vital information > {code} > It is also possible to query the field directly: > {code} > Object customerSSN = queryService.newQuery("select c.socialSecurityNumber > from /customers c").execute(); > //[123-456-7890] > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)