public class SimpleTestSecurityManager extends java.lang.Object implements SecurityManager
SecurityManager for authentication and
authorization solely based on the username and password provided.
It is meant for demo purpose, not for production.
Authentication: All users whose password matches the username are authenticated. e.g.
username/password = test/test, user/user, admin/admin
Authorization: users whose username is a substring (case insensitive) of the permission required
are authorized. e.g. username = data: is authorized for all data operations: data; data:manage
data:read data:write username = dataWrite: is authorized for data writes on all regions:
data:write data:write:regionA username = cluster: authorized for all cluster operations username
= clusterRead: authorized for all cluster read operations
a user could be a comma separated list of roles as well.| Constructor and Description |
|---|
SimpleTestSecurityManager() |
| Modifier and Type | Method and Description |
|---|---|
java.lang.Object |
authenticate(java.util.Properties credentials)
Verify the credentials provided in the properties
Your security manager needs to validate credentials coming from all communication channels.
|
boolean |
authorize(java.lang.Object principal,
ResourcePermission permission)
Authorize the ResourcePermission for a given Principal
|
void |
close()
Close any resources used by the SecurityManager, called when a cache is closed.
|
void |
init(java.util.Properties securityProps)
Initialize the SecurityManager.
|
public void init(java.util.Properties securityProps)
SecurityManagerinit in interface SecurityManagersecurityProps - the security properties obtained using a call to
DistributedSystem.getSecurityProperties()public java.lang.Object authenticate(java.util.Properties credentials)
throws AuthenticationFailedException
SecurityManagerauthenticate in interface SecurityManagercredentials - it contains the security-username and security-password as keys of the
properties, also the properties generated by your AuthInitialize interfaceAuthenticationFailedExceptionpublic boolean authorize(java.lang.Object principal,
ResourcePermission permission)
SecurityManagerauthorize in interface SecurityManagerprincipal - The principal that's requesting the permissionpermission - The permission requestedpublic void close()
SecurityManagerclose in interface SecurityManager