Thank you so much John for detailed updates & upcoming magic :) Regarding apache-shiro, I can see various ways for geode server using @EnableSecurity(INI/Realm) annotation but how I can include the same in locator.
I tried below one, File: locator.properties security-shiro-init=/home/parin/Downloads/apache-geode/shiro.properties But it says me, Exception in thread "main" org.apache.shiro.config.ConfigurationException: java.io.IOException: Resource [classpath:/home/parin/Downloads/apache-geode/shiro.properties] could not be found. Same as if I provide my custom SecurityManager implementation, how can I refer that in locator properties? Thanks, Parin On Sun, Jun 4, 2017 at 12:19 AM, John Blum <[email protected]> wrote: > Hi Parin- > > Thank you for the kind words; means a lot to me and I definitely > appreciate it. > > So, good news! I do have an example (several, actually) of using the new > Apache Geode Security Model (e.g. SecurityManager) with *Spring Data > Geode*. In fact that was the central theme in the last release of SDG > 1.0.0.INCUBATING-RELEASE. See my blog post here > <https://spring.io/blog/2016/11/10/spring-data-geode-1-0-0-incubating-release-released> > [1] > (the "*Security*" piece starts a couple of sections down after "*What's > New*"). > > The actual code I built > <https://github.com/jxblum/contacts-application/blob/apache-geode/security-example/src/test/java/example/app/geode/security/GeodeSecurityIntegrationTests.java> > [2] > when writing the blog post is part of (what will eventually become) the > *Reference > Implementation* (RI) of *Spring Data GemFire/Geode*. Unfortunately, I > have not had a lot of time to document this yet either in SDG Ref Guide or > in READMEs associated with the RI repo. > But, hopefully, the blog post helps and the code is self-explanatory; docs > are coming, I promise. However, I have since then added automated tests > <https://github.com/spring-projects/spring-data-geode/tree/master/src/test/java/org/springframework/data/gemfire/config/annotation> > [3] > for the Security bits based on this example, since it is important to have > both the client as well as the server-side of the Security equation. In > the example, I think I setup a secure server manually where as the tests > actually configure and fork one. Anyway, if you questions, please do let > me know. > > > As for the new release.... > > Great question and one that seems to be of most interests to the community > right now where *Spring* and Geode intersect. This was recently asked on > *StackOverflow* > <https://stackoverflow.com/questions/44204043/spring-support-for-apache-geode-spring-data-geode> > [4] > as well. My answer to the SO post was somewhat verbose, so let me recap > here for everyones benefit... > > I am planning a *Spring Data Geode* *1.1.0.RELEASE* that builds on Apache > Geode *1.1.1*. The 2 central themes in this are... > > 1. Early *Lucene* support. > > As you may know, Apache Geode now integrates with Apache Lucene to create > Lucene Indexes for textual based searches on data in GemFire Regions. I added > first class support in SDG > <http://docs.spring.io/spring-data-gemfire/docs/2.0.0.M3/reference/html/#bootstrap:lucene> > [5] > above and beyond what even Apache Geode is capable of (e.g. > projections/mapping based on *Spring Data Commons* infrastructure) for > this new API/integration. This is *done*. > > 2. *Annotation config* model extensions. > > Some people are already familiar and even using with the new, *Spring > Boot* style Annotation support I added in SDG. However, 1 of the initial > limitations of the Annotation config was having the ability to > "dynamically" configure aspects of Geode (e.g. port numbers > <https://github.com/spring-projects/spring-data-geode/blob/master/src/main/java/org/springframework/data/gemfire/config/annotation/EnableCacheServer.java#L134> > [6]) > when the Annotations are used. My goal was to preserve the "type-safe" > nature of the Annotation attributes while still allowing those attributes > to be dynamically configured. > > Of course, I could have used Spring property placeholders and SpEL > expressions, but that would have required me to give up type safety and > make all the Annotation attributes Strings... blah, no! So, instead, I am > introducing Configurers and well-known, document properties that users can > set in an application.properties file that correspond to Annotation > attributes where the precedence is... *Annotation attribute* -> *Property* > -> *XYZConfigurer* (e.g. CacheServerConfigurer > <https://github.com/spring-projects/spring-data-geode/blob/master/src/main/java/org/springframework/data/gemfire/config/annotation/CacheServerConfigurer.java> > [7]). > > Since the Annotations create *Spring* beans for Geode components for you, > with very little effort (i.e. using OOTB defaults when attributes are not > customized), the Configurers give you a way to access the "configuration" > (on the appropriate Spring FactoryBean) before the Geode component is > created. To use a Configurer, you register it like any other Spring bean, > which then gives you the ability to also use Spring property placeholder > and SpEL expressions in those JavaConfig bean definitions, therefore kill 2 > birds with 1 stone (sorry, that sounds cruel; figure of speech). Here is > an example > <https://github.com/spring-projects/spring-data-geode/blob/master/src/test/java/org/springframework/data/gemfire/config/annotation/CacheServerConfigurerIntegrationTests.java#L87-L114> > [8]. > > So, the Configurers are *done*, the Well-Known/Documented Properties are > a *WIP*, as well as the Ref Guide documentation, phew. > > This dynamic configuration support using Annotations was requested and > needed by several members of the Geode community that use *Spring*, like > *Roger > Vandusen* from *Mastercard*. I have not forgotten about you my friend. > > I *sincerely apologize to the community* that this new feature support > and the next release of SDG for Apache Geode 1.1.1 has taken so long. > > Anyway, once I get the last bit done, I will push 1 *final* *Spring Data > Geode* *1.1.0.RELEASE* based on Apache Geode 1.1.1. > > I say "*final*" because *Spring Data Geode* is becoming a new, *top-level* > *Spring > Data* module in the *Spring Data* portfolio > <http://projects.spring.io/spring-data/> [9] (like *Spring Data GemFire*, > but separate now, yay). I am super excited about this and I hope the > community will be too. It already has a new GitHub Repo home, here > <https://github.com/spring-projects/spring-data-geode> [10]. > > So, *Spring Data Geode* will be part of the *Spring Data Release Train > <https://github.com/spring-projects/spring-data-commons/wiki>* [11] (from > *Kay* onward; see right-side nav bar on Wiki page), which means SD Geode > will have predictable and regular releases, and will be based on Apache > Geode *1.2.0*. However, it also means that Apache Geode 1.2.0 needs to > be released before SD Geode can be added to the train. And, it also means > several other important things... > > 1. I will *not* be doing individual releases of SD Geode going forward > after SD Geode is added to the train. > > 2. SD Geode will be at version 2.0.0 (based on Apache Geode 1.2.0); so the > version numbers between Apache Geode and SD Geode will not longer align > (which is actually the same as *Spring Data GemFire* for Pivotal GemFire, > too), partly because... > > 3. SDG also builds on *Spring* *5*, with the major themes being *Java 8*, > *Reactive* and *Functional programming* support, so we are bumping the > major version for all SD modules. > > Anyway, I hope this helps and clears up the muddy waters on what has been > happening on *Spring Data Geode*. I am also involved in several other > things, like... > > 1. Moving the *Spring Boot* auto-configuration support for Apache > Geode/Pivotal GemFire I built into *Spring Boot* to a new home > <https://github.com/spring-projects/spring-boot-data-gemfire> [12], a > major WIP. > > 2. Moving the *Spring Session Data Geode/GemFire* support to its new home > <https://github.com/spring-projects/spring-session-data-geode> [13], as > of *Spring Session* 2.0, also a major WIP. > > 3. And, building *Spring* support in PCF for Pivotal GemFire/Apache Geode. > > Let me know if you have other questions. > > Cheers my friend, > John > > > [1] https://spring.io/blog/2016/11/10/spring-data-geode- > 1-0-0-incubating-release-released > [2] https://github.com/jxblum/contacts-application/blob/ > apache-geode/security-example/src/test/java/example/app/geode/security/ > GeodeSecurityIntegrationTests.java > [3] https://github.com/spring-projects/spring-data-geode/ > tree/master/src/test/java/org/springframework/data/gemfire/ > config/annotation > [4] https://stackoverflow.com/questions/44204043/spring- > support-for-apache-geode-spring-data-geode > [5] http://docs.spring.io/spring-data-gemfire/docs/2.0. > 0.M3/reference/html/#bootstrap:lucene > [6] https://github.com/spring-projects/spring-data-geode/ > blob/master/src/main/java/org/springframework/data/gemfire/ > config/annotation/EnableCacheServer.java#L134 > [7] https://github.com/spring-projects/spring-data-geode/ > blob/master/src/main/java/org/springframework/data/gemfire/ > config/annotation/CacheServerConfigurer.java > [8] https://github.com/spring-projects/spring-data-geode/ > blob/master/src/test/java/org/springframework/data/gemfire/ > config/annotation/CacheServerConfigurerIntegrationTests.java#L87-L114 > [9] http://projects.spring.io/spring-data/ > [10] https://github.com/spring-projects/spring-data-geode > [11] https://github.com/spring-projects/spring-data-commons/wiki > [12] https://github.com/spring-projects/spring-boot-data-gemfire > [13] https://github.com/spring-projects/spring-session-data-geode > > > On Sat, Jun 3, 2017 at 12:12 AM, Parin dazz <[email protected]> > wrote: > >> Hi, >> >> Do we have any example on how to use/implement security manager with >> spring-data-geode? >> >> More, haven't heard anything for new release of spring-data-geode :) Very >> much excited for the new features and hard work john is doing. Any news on >> release date? >> >> >> Regards, >> Parin >> > > > > -- > -John > john.blum10101 (skype) >
