[ https://issues.apache.org/jira/browse/GEODE-1909?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15513463#comment-15513463 ]
ASF subversion and git services commented on GEODE-1909: -------------------------------------------------------- Commit d639eefd3d42374da987d89f5dfc2d4f83d330eb in incubator-geode's branch refs/heads/develop from [~jinmeiliao] [ https://git-wip-us.apache.org/repos/asf?p=incubator-geode.git;h=d639eef ] GEODE-1909: add authorization in GMSAuthenticator > A user with no privilege can start a server > ------------------------------------------- > > Key: GEODE-1909 > URL: https://issues.apache.org/jira/browse/GEODE-1909 > Project: Geode > Issue Type: Bug > Reporter: Jinmei Liao > Assignee: Jinmei Liao > Labels: management > Attachments: security.json, security.properties, > serverSecurity.properties > > > 1) Start the locator with a security-manager: > start locator --name=loc1 --security-properties-file=security.properties > --classpath=/Users/jiliao/my_gemfire/security > 2) connect to the locator using: guest/guest > 3), try start a server as guest: > start server --name=server1 > --security-properties-file=serverSecurity.properties > --locators=localhost[10334] > The server will be started. > We should allow only user with CLUSTER:MANAGE permission to start a server. -- This message was sent by Atlassian JIRA (v6.3.4#6332)