Security describes how to implement the security framework for the Geode native client, including authentication, authorization, encryption, and SSL client/server communication.
The security framework authenticates clients that attempt to connect to a Geode cache server, and authorizes client cache operations. You can also configure it for client authentication of servers, and you can plug in your own implementations for authentication and authorization.
A client is authenticated when it connects, with valid credentials, to a Geode cache server that is configured with the client
You can set up encrypted authentication using Diffe-Hellman or the sample PKCS implementation.
Using a provided callback that implements the
AccessControlinterface, you can configure each server to authorize some or all cache operations.
The table describes the security-related system properties in the
gfcpp.propertiesfile for native client authentication and authorization.
This section describes how to configure OpenSSL, implement SSL-based communication between your clients and servers, and run clients and servers with SSL enabled.