LATEST VERSION: 8.1.0 - CHANGELOG
Pivotal GemFire® v8.1

Pivotal GemFire Security Features

Pivotal GemFire Security Features

Pivotal GemFire includes a range of built-in authentication and authorization features. It also accommodates security infrastructure plug-ins.

GemFire provides member authentication and cache access authorization with these features:
  • Flexible plug-in framework. Plug-in mechanism for authentication of clients and servers and authorization of cache operations from clients. Any security infrastructure can be plugged into the system as long as the plug-ins implement the required GemFire interfaces.
  • Cache server authentication. Allows peer cache servers into the distributed system if their credentials are authenticated by the locator to which they connect.
  • Client authentication. Implemented through authentication of client’s credentials by a cache server when the client attempts to connect to the server. Multiple users can connect, with separate authorization levels, from within one client application.
  • SSL-based authentication. Allows configuration of connections to be SSL- based, rather than plain socket connections. GemFire enables you to configure SSL separately for peer-to-peer, client, JMX, and WAN gateway connections.
  • Authorization of cache operations. Selectively authorized cache operations by clients based on the predefined, associated roles, where the credentials are provided by the client when connecting to the server.
  • Data modification based on authorization. Allows authorization callbacks to modify or filter data sent from the client to the server. Similarly, after the cache operations complete on the server, a post authorization callback occurs, that can filter or modify results sent to the client. However, the results cannot be modified while using function execution.
  • Sample implementations. Authentication and authorization sample implementations.