[jira] [Commented] (GEODE-2153) PostProcessor security
[
https://issues.apache.org/jira/browse/GEODE-2153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15713172#comment-15713172
]
Hitesh Khamesra commented on GEODE-2153:
I think we need to mention that how one can you use Postprocessor callback for
security purpose. One can take this as the just reference implementation.
> PostProcessor security
> --
>
> Key: GEODE-2153
> URL: https://issues.apache.org/jira/browse/GEODE-2153
> Project: Geode
> Issue Type: Improvement
> Components: security
>Reporter: Jared Stewart
>
> I have started a server and locator using the sample RedactingPostProcessor
> implementation. I created a /customers region and inserted a Customer:
> {code}
> Region region = connectToRegion("customers");
> Customer customer = new Customer(1L, "FirstName", "LastName", "123-456-7890");
> region.put("galen", customer);
> {code}
> The following query and get operation show our customer's SSN getting
> redacted as expected:
> {code}
> Customer customerFromGet = region.get("galen");
> //{ type = com.jaredjstewart.Customer, customerId = 1, firstName = FirstName,
> lastName = LastName, ssn = ** }
> Object customerFromQuery = queryService.newQuery("select * from
> /customers").execute();
> //{ type = com.jaredjstewart.Customer, customerId = 1, firstName = FirstName,
> lastName = LastName, ssn = ** }
> {code}
> However, it is possible to leak information by accessing the field which is
> supposed to be redacted in a where clause:
> {code}
> Object customer = queryService.newQuery("select c from /customers c
> where c.socialSecurityNumber='123-456-7890'").execute();
> //this redacts but still leaks the vital information
> {code}
> It is also possible to query the field directly:
> {code}
> Object customerSSN = queryService.newQuery("select c.socialSecurityNumber
> from /customers c").execute();
> //[123-456-7890]
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (GEODE-2153) PostProcessor security
[
https://issues.apache.org/jira/browse/GEODE-2153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15707024#comment-15707024
]
Jinmei Liao commented on GEODE-2153:
Either we enhance PostProcessor to include field access information, or find
another way to do field level security.
> PostProcessor security
> --
>
> Key: GEODE-2153
> URL: https://issues.apache.org/jira/browse/GEODE-2153
> Project: Geode
> Issue Type: Improvement
> Components: security
>Reporter: Jared Stewart
>
> I have started a server and locator using the sample RedactingPostProcessor
> implementation. I created a /customers region and inserted a Customer:
> {code}
> Region region = connectToRegion("customers");
> Customer customer = new Customer(1L, "FirstName", "LastName", "123-456-7890");
> region.put("galen", customer);
> {code}
> The following query and get operation show our customer's SSN getting
> redacted as expected:
> {code}
> Customer customerFromGet = region.get("galen");
> //{ type = com.jaredjstewart.Customer, customerId = 1, firstName = FirstName,
> lastName = LastName, ssn = ** }
> Object customerFromQuery = queryService.newQuery("select * from
> /customers").execute();
> //{ type = com.jaredjstewart.Customer, customerId = 1, firstName = FirstName,
> lastName = LastName, ssn = ** }
> {code}
> However, it is possible to leak information by accessing the field which is
> supposed to be redacted in a where clause:
> {code}
> Object customer = queryService.newQuery("select c from /customers c
> where c.socialSecurityNumber='123-456-7890'").execute();
> //this redacts but still leaks the vital information
> {code}
> It is also possible to query the field directly:
> {code}
> Object customerSSN = queryService.newQuery("select c.socialSecurityNumber
> from /customers c").execute();
> //[123-456-7890]
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
