Chapter 8. Authentication and Role-Based Access Control
In this chapter, we look at using role-based access control (RBAC) in GemFire and securing the communication between various components by using Secure Sockets Layer (SSL).
Authentication and Authorization
Before we dig into how authentication and authorization work, let’s look at the operations you can perform in GemFire that need to be authenticated and authorized.
Background
In GemFire, you can start and stop locators and servers, alter their runtime (for example, to change the log level), and perform other administrative actions. You create regions to store your data, define indexes, and define disk stores to persist your data; you then insert data, access it, and query it.
We can broadly classify these actions into two categories based on the type of resource being worked on. Starting servers, altering runtime, and defining disk stores are operations that involve working on your CLUSTER, whereas put(), get() and queries work on DATA as the resource. The security framework classifies all operations in these two major categories.
Within each resource classification, we can further classify all commands as either accessing the resource (READ), writing to the resource (WRITE), or making changes to the resource (MANAGE). For example, list members just accesses the CLUSTER resource, whereas stop server manages it.
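The resource and operation classification above, modeled as a deny-by-default authorization check. This is an added example, not GemFire code or code from the book; the role names, the users, and the READ/WRITE assignments for get, query and put are assumptions.

```python
from enum import Enum

class Resource(Enum):
    CLUSTER = "CLUSTER"
    DATA = "DATA"

class Operation(Enum):
    READ = "READ"
    WRITE = "WRITE"
    MANAGE = "MANAGE"

# Permission each action needs. "list members" and "stop server" come from the
# text; the DATA rows are assumptions that follow its READ/WRITE definitions.
REQUIRED = {
    "list members": (Resource.CLUSTER, Operation.READ),
    "stop server": (Resource.CLUSTER, Operation.MANAGE),
    "get": (Resource.DATA, Operation.READ),
    "query": (Resource.DATA, Operation.READ),
    "put": (Resource.DATA, Operation.WRITE),
}

# Constructed roles and users, for illustration only.
ROLES = {
    "monitor": ["CLUSTER:READ"],
    "operator": ["CLUSTER:READ", "CLUSTER:MANAGE"],
    "reader": ["DATA:READ"],
    "writer": ["DATA:READ", "DATA:WRITE"],
}
USERS = {"alice": ["writer", "monitor"], "bob": ["reader"], "carol": ["operator"]}

def parse_grant(text):
    """Turn 'RESOURCE:OPERATION' into enums; a misspelled grant raises ValueError."""
    resource, _, operation = text.partition(":")
    return Resource(resource), Operation(operation)

def permissions_for(user):
    """Union of the grants of every role the user holds (empty if unknown)."""
    return {parse_grant(g) for role in USERS.get(user, []) for g in ROLES[role]}

def authorize(user, action):
    """Deny by default: unknown users and unclassified actions are refused.
    Grants match exactly; in this model MANAGE does not imply READ or WRITE."""
    needed = REQUIRED.get(action)
    return needed is not None and needed in permissions_for(user)

if __name__ == "__main__":
    for user in USERS:
        allowed = [a for a in REQUIRED if authorize(user, a)]
        print(f"{user}: {allowed}")
```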
Table 8-1 shows classifications of some of the commands. You can find ...