Hi Ashish,
There are a few tricky issues involved. Here is a working security manager
based on the idea of keeping authentication and authorization information in
geode itself :
https://github.com/Pivotal-Data-Engineering/gemfire-dynamic-security
Feel free to use it directly or reference it as you implement your own
SecurityManager.
On October 30, 2018 at 6:09:22 PM, aashish choudhary
(aashish.choudha...@gmail.com) wrote:
Hi,
We are leveraging geode security-manager implementation for
authentication/authz for authentication we use active directory and for
Authorization we have roles like DATA:READ etc in database. Now we would like
to store those roles into geode regions itself to avoid operational overhead of
keeping roles into database. My question is if we create a geode region like
say Roles and store the roles there then how should we go about accessing
those roles? Use ClientCacheFactory to get roles or Functions since this will
run on server side. I am not sure as I have not tried this it may work or not
but in the init () method I can put the logic to initialize ClientCache and
then proceed further. Also I should have the ability to pickup the roles on the
fly if a new role is added.
Or try something like this in init() method.
CacheFactory.getAnyInstance().createClientRegionFactory(ClientRegionShortcut.PROXY).create("region-name")
Thoughts?
Thanks,
Ashish
