Thanks Jinmei for quick reply! >> It did not work for me when I used [--classpath] and >> [--security-properties-file] even though my classpath contains security.json >> file [That’s strange]
start locator –name=locator2 --locators=localhost[10334],localhost[10335] --security-properties-file=gfsecurity.properties --classpath=C:\Users\GeodeWorkDir\locator2 FAILED >> It worked for me when I used --J=-Dgemfire.security-username=admin >> --J=-Dgemfire.security-password=admin [SUCCESS] start locator –name=locator2 --locators=localhost[10334],localhost[10335] --J=-Dgemfire.security-username=admin --J=-Dgemfire.security-password=admin --classpath=C:\Users\GeodeWorkDir\locator2 SUCCESS Thanks & Regards, Dharam From: Jinmei Liao [mailto:[email protected]] Sent: Wednesday, June 07, 2017 11:12 AM To: [email protected] Subject: Re: FW: ExampleSecurityManager in Apache geode I tried using the SampleSecurityManager, and either one of the following command to start the 2nd locator is working: (I executed these commands while connected to the first locator, so I don't need to provide the --locators option, it knows which locator to join) 1> start locator --name=locator2 --port=10335 --classpath=/Users/jiliao/my_geode/security --security-properties-file=locator2.properties // locator2.properties only contains "security-username" and "security-password" properties. 2> start locator --name=locator2 --port=10335 --locators=jiliao-mbpro.lan[10334] --classpath=/Users/jiliao/my_geode/security/ --J=-Dgemfire.security-username=admin --J=-Dgemfire.security-password=admin I suspect that the reason one of your commands did not work is because of the locator2 can't find a security.json in its classpath, not because you did not provide the username/password. One of the complication of using our SampleSecurityManager is that it will need a security.json in it's classpath which complicates the issue. We should have a simpler security manager in the sample that's easier for users to experiment with. On Tue, Jun 6, 2017 at 10:03 PM, Thacker, Dharam <[email protected]<mailto:[email protected]>> wrote: I am able to start server with –user and –password to join existing secure locator. But I am not able to start another locator to join the existing secure locator. Could someone guide me here? start locator --name=locator1 --locators=localhost[10334],localhost[10335] --properties-file=locator.properties --classpath=C:\Users\GeodeWorkDir\locator1 SUCCESS start locator –name=locator2 --locators=localhost[10334],localhost[10335] --properties-file=locator.properties --classpath=C:\Users\GeodeWorkDir\locator2 FAILED start locator –name=locator2 --locators=localhost[10334],localhost[10335] --security-properties-file=gfsecurity.properties [gfsecurity.properties ---- security-username=clusteruser security-password=****] FAILED start locator –name=locator2 --locators=localhost[10334],localhost[10335] --security-properties-file=gfsecurity.properties --classpath=C:\Users\GeodeWorkDir\locator2 FAILED Jun 07, 2017 10:27:06 AM org.apache.geode.distributed.LocatorLauncher failOnStart INFO: locator is exiting due to an exception org.apache.geode.security.AuthenticationRequiredException: Failed to find credentials from [X.X.X.X(locator2:19416:locator)<ec>:1025] at org.apache.geode.distributed.internal.membership.gms.membership.GMSJoinLeave.attemptToJoin(GMSJoinLeave.java:424) at org.apache.geode.distributed.internal.membership.gms.membership.GMSJoinLeave.join(GMSJoinLeave.java:318) at org.apache.geode.distributed.internal.membership.gms.mgr.GMSMembershipManager.join(GMSMembershipManager.java:656) at org.apache.geode.distributed.internal.membership.gms.mgr.GMSMembershipManager.joinDistributedSystem(GMSMembershipManager.java:745) at org.apache.geode.distributed.internal.membership.gms.Services.start(Services.java:181) Thanks & Regards, Dharam From: Thacker, Dharam Sent: Tuesday, June 06, 2017 3:41 PM To: [email protected]<mailto:[email protected]> Cc: [email protected]<mailto:[email protected]> Subject: RE: ExampleSecurityManager in Apache geode Thank you Nilkanth! Classpath worked! start locator --name=locator1 --properties-file=locator.properties --classpath=C:\Users\GeodeWorkDir\locator1 security-json file location: C:\Users\GeodeWorkDir\locator1\security.json Thanks & Regards, Dharam From: Nilkanth Patel [mailto:[email protected]] Sent: Tuesday, June 06, 2017 3:35 PM To: [email protected]<mailto:[email protected]> Cc: [email protected]<mailto:[email protected]> Subject: Re: ExampleSecurityManager in Apache geode Dharam, Try out something like bellow, "security.json" is kept into /work/code/oss/geode/locator1 dir. gfsh>start locator --name=/work/code/oss/geode/locator1 --security-properties-file=/work/code/oss/geode/locator1/locator.properties --classpath=/work/code/oss/geode/locator1 Additional checks, 1. specify classpath while starting locator as shown in above command. 2. check the file permission for security.json. Nilkanth. On Tue, Jun 6, 2017 at 3:21 PM, Thacker, Dharam <[email protected]<mailto:[email protected]>> wrote: Hi Nilkanth, Thanks for the reply! I tried below one but it’s still not taking security.json file. Do you suggest anything different? My Current Directory: C:\Users\GeodeWorkDir Locator Directory: C:\Users\GeodeWorkDir\locator1 security-json file location [Tried both locations]: C:\Users\GeodeWorkDir\locator1\security.json C:\Users\GeodeWorkDir\security.json Thanks & Regards, Dharam From: Nilkanth Patel [mailto:[email protected]<mailto:[email protected]>] Sent: Tuesday, June 06, 2017 3:07 PM To: [email protected]<mailto:[email protected]> Cc: [email protected]<mailto:[email protected]> Subject: Re: ExampleSecurityManager in Apache geode Dharam, I believe following will be helpful to you. IMO with the existing implementation, "security.json" file has to be kept in a locator/server directory. In your case you need to be keep it in a locator director (l1) and should work. Hope this helps. Nilkanth Patel. On Tue, Jun 6, 2017 at 2:40 PM, Thacker, Dharam <[email protected]<mailto:[email protected]>> wrote: Hi Jinmei & Team, I was going through “New Security In Apache Geode” video. I also tried to start locator with ExampleSecurityManager and ExamplePostProcessor as shown below, locator.proprties mcast-port=0 security-manager=org.apache.geode.examples.security.ExampleSecurityManager security-post-processor=org.apache.geode.examples.security.ExamplePostProcessor > dir locator.properties security.json security-config.jar My security-config.jar has following structure, --- resources -> security.json --- META-INF -> MANIFEST.MF Could you guide me with below error? gfsh>start locator --name=locator1 --properties-file=locator.properties --classpath=C:\Users\GeodeWorkDir\security-config.jar Starting a Geode Locator in C:\Users\GeodeWorkDir\locator1... The Locator process terminated unexpectedly with exit status 1. Please refer to the log file in C:\Users\GeodeWorkDir\locator1 for full details. Jun 06, 2017 2:19:50 PM org.apache.geode.distributed.LocatorLauncher failOnStart INFO: locator is exiting due to an exception org.apache.geode.security.AuthenticationFailedException: ExampleSecurityManager: unable to find json resource "security.json" as specified by [security-json]. at org.apache.geode.examples.security.ExampleSecurityManager.init(ExampleSecurityManager.java:132) at org.apache.geode.internal.security.IntegratedSecurityService.initSecurity(IntegratedSecurityService.java:332) at org.apache.geode.internal.cache.GemFireCacheImpl.initialize(GemFireCacheImpl.java:1208) at org.apache.geode.internal.cache.GemFireCacheImpl.basicCreate(GemFireCacheImpl.java:798) at org.apache.geode.internal.cache.GemFireCacheImpl.create(GemFireCacheImpl.java:783) at org.apache.geode.cache.CacheFactory.create(CacheFactory.java:178) at org.apache.geode.cache.CacheFactory.create(CacheFactory.java:218) at org.apache.geode.distributed.internal.InternalLocator.startCache(InternalLocator.java:767) at org.apache.geode.distributed.internal.InternalLocator.startDistributedSystem(InternalLocator.java:752) at org.apache.geode.distributed.internal.InternalLocator.startLocator(InternalLocator.java:357) at org.apache.geode.distributed.internal.InternalLocator.startLocator(InternalLocator.java:315) at org.apache.geode.distributed.LocatorLauncher.start(LocatorLauncher.java:630) at org.apache.geode.distributed.LocatorLauncher.run(LocatorLauncher.java:532) at org.apache.geode.distributed.LocatorLauncher.main(LocatorLauncher.java:174) Exception in thread "main" org.apache.geode.security.AuthenticationFailedException: ExampleSecurityManager: unable to find json resource "security.json" as specified by [security-json]. at org.apache.geode.examples.security.ExampleSecurityManager.init(ExampleSecurityManager.java:132) at org.apache.geode.internal.security.IntegratedSecurityService.initSecurity(IntegratedSecurityService.java:332) at org.apache.geode.internal.cache.GemFireCacheImpl.initialize(GemFireCacheImpl.java:1208) at org.apache.geode.internal.cache.GemFireCacheImpl.basicCreate(GemFireCacheImpl.java:798) at org.apache.geode.internal.cache.GemFireCacheImpl.create(GemFireCacheImpl.java:783) at org.apache.geode.cache.CacheFactory.create(CacheFactory.java:178) at org.apache.geode.cache.CacheFactory.create(CacheFactory.java:218) at org.apache.geode.distributed.internal.InternalLocator.startCache(InternalLocator.java:767) at org.apache.geode.distributed.internal.InternalLocator.startDistributedSystem(InternalLocator.java:752) at org.apache.geode.distributed.internal.InternalLocator.startLocator(InternalLocator.java:357) at org.apache.geode.distributed.internal.InternalLocator.startLocator(InternalLocator.java:315) at org.apache.geode.distributed.LocatorLauncher.start(LocatorLauncher.java:630) at org.apache.geode.distributed.LocatorLauncher.run(LocatorLauncher.java:532) at org.apache.geode.distributed.LocatorLauncher.main(LocatorLauncher.java:174) Thanks & Regards, Dharam This message is confidential and subject to terms at: http://www.jpmorgan.com/emaildisclaimer<http://www.jpmorgan.com/emaildisclaimer> including on confidentiality, legal privilege, viruses and monitoring of electronic messages. If you are not the intended recipient, please delete this message and notify the sender immediately. Any unauthorized use is strictly prohibited. This message is confidential and subject to terms at: http://www.jpmorgan.com/emaildisclaimer<http://www.jpmorgan.com/emaildisclaimer> including on confidentiality, legal privilege, viruses and monitoring of electronic messages. If you are not the intended recipient, please delete this message and notify the sender immediately. Any unauthorized use is strictly prohibited. This message is confidential and subject to terms at: http://www.jpmorgan.com/emaildisclaimer<http://www.jpmorgan.com/emaildisclaimer> including on confidentiality, legal privilege, viruses and monitoring of electronic messages. If you are not the intended recipient, please delete this message and notify the sender immediately. Any unauthorized use is strictly prohibited. This message is confidential and subject to terms at: http://www.jpmorgan.com/emaildisclaimer<http://www.jpmorgan.com/emaildisclaimer> including on confidentiality, legal privilege, viruses and monitoring of electronic messages. If you are not the intended recipient, please delete this message and notify the sender immediately. Any unauthorized use is strictly prohibited. -- Cheers Jinmei This message is confidential and subject to terms at: http://www.jpmorgan.com/emaildisclaimer including on confidentiality, legal privilege, viruses and monitoring of electronic messages. If you are not the intended recipient, please delete this message and notify the sender immediately. Any unauthorized use is strictly prohibited.
