GEODE-1883 AuthInitializer should be made optional Documentation of how a cache client may set its credentials for authentication is revised to no longer state that the client can set the two security properties. When this bug is fixed, the documentation should be revised again.
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/f1df6fc5 Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/f1df6fc5 Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/f1df6fc5 Branch: refs/heads/feature/GEODE-1930 Commit: f1df6fc5920d0d1eebd210e816e61ad44074d39d Parents: cf09ac9 Author: Karen Miller <kmil...@pivotal.io> Authored: Mon Oct 17 12:58:33 2016 -0700 Committer: Karen Miller <kmil...@pivotal.io> Committed: Mon Oct 17 12:58:33 2016 -0700 ---------------------------------------------------------------------- .../implementing_authentication.html.md.erb | 22 ++++++++++++++++++++ 1 file changed, 22 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f1df6fc5/geode-docs/managing/security/implementing_authentication.html.md.erb ---------------------------------------------------------------------- diff --git a/geode-docs/managing/security/implementing_authentication.html.md.erb b/geode-docs/managing/security/implementing_authentication.html.md.erb index 374a95e..c66be1a 100644 --- a/geode-docs/managing/security/implementing_authentication.html.md.erb +++ b/geode-docs/managing/security/implementing_authentication.html.md.erb @@ -77,6 +77,7 @@ sender or receiver. ## How a Cache Client Sets Its Credential +<!-- Revised for GEODE-1883 In order to connect with a locator or a server that does authentication, a client will need to set its credential, composed of the two properties `security-username` and `security-password`. @@ -93,6 +94,27 @@ as in the example The user name and password are stored in the clear, so the `gfsecurity.properties` file must be protected by restricting access with file system permissions. +To accomplish this: + +- Implement the `getCredentials` method of the `AuthInitialize` interface +for the client. +This callback's location is defined in the property `security-client-auth-init`, +as in the example + + ``` pre + security-client-auth-init=com.example.security.ClientAuthInitialize + ``` +The implementation of `getCredentials` may then acquire values for +the properties `security-username` and `security-password` in whatever way +it wishes. +It might look up values in a database or another external resource, +or it might prompt for values. +--> + +In order to connect with a locator or a server that does authentication, +a client will need to set its credential, composed of the two properties +`security-username` and `security-password`. +To accomplish this: - Implement the `getCredentials` method of the `AuthInitialize` interface for the client.