> > On Jun 18, 2020, at 4:24 AM, Jakov Varenina > <jakov.varen...@est.tech<mailto:jakov.varen...@est.tech>> wrote: > > In order to completely remove the need for username/password, it is required > that we implement this new kind of authorization on *all* geode > interfaces/components (cluster, gateway, web, jmx, locator, server). The > reason why we didn't have any progress is because we faced major obstacle > during development when we tried to retrieve clients certificate from RMI > connections (e.g. jmx connections). It seems there are no easy/nice way to > retrieve it, and what we came up so far is following: > > 1) We have found some possible "hack solution" that could be implemented and > it is described in the following paper > (https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fciteseerx.ist.psu.edu%2Fviewdoc%2Fdownload%3Fdoi%3D10.1.1.224.2915%26rep%3Drep1%26type%3Dpdf&data=02%7C01%7Cjabarrett%40vmware.com%7Ce9d45eb604334359a29708d814745030%7Cb39138ca3cee4b4aa4d6cd83d9dd62f0%7C0%7C0%7C637281837084459652&sdata=vWYeTsTQmP6RyIz5xEIdsVRjnXii%2Buk02TwLXuyGBEo%3D&reserved=0). > We have started to work on the prototype that will implement this solution.
Wow, that is a hack. Have you found any implementation of this solution. There doesn’t appear to be a repository listed. There also doesn’t appear to be a publish date on this document. The most recent references are from 2010. I wonder if things are better now. I am going to poke at the Java source code a bit and report back. Would your needs be dependent on Java 8? If we found a solution that only worked say with java 12, would that work? -Jake
