[jira] [Commented] (GEODE-8149) Introduce new parameter to control the feature

Fri, 22 May 2020 00:23:31 -0700 


    [ 
https://issues.apache.org/jira/browse/GEODE-8149?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17113814#comment-17113814
 ] 

ASF GitHub Bot commented on GEODE-8149:
---------------------------------------

jvarenina commented on a change in pull request #5139:
URL: https://github.com/apache/geode/pull/5139#discussion_r429084330



##########
File path: 
geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java
##########
@@ -2032,6 +2032,23 @@
    * Default: empty. All security components use basic (username/password) 
authentication
    */
   String SECURITY_AUTH_TOKEN_ENABLED_COMPONENTS = SECURITY_PREFIX + 
"auth-token-enabled-components";
+
+  /**
+   * The static String definition of the <i>"security-cn-auth-enabled"</i> 
property
+   * </p>
+   *
+   * <U>Description</U> This parameter only works if SSL with two-way 
handshake is enabled on
+   * all components and security manager is enabled. This property will 
determine if common name
+   * from client certificate will be used for authentication and authorization.

Review comment:
       Thanks for the comments. I will rephrase it as you suggested.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Introduce new parameter to control the feature
> ----------------------------------------------
>
>                 Key: GEODE-8149
>                 URL: https://issues.apache.org/jira/browse/GEODE-8149
>             Project: Geode
>          Issue Type: Sub-task
>            Reporter: Jakov Varenina
>            Assignee: Jakov Varenina
>            Priority: Major
>
> * New parameter _security-cn-auth-enabled_ (default value "false") parameter 
> should be introduced to control this new feature. It should be allowed to set 
> only if mutual SSL is enabled on all components: _ssl- 
> ssl-require-authentication == true && ssl-web-require-authentication == true 
> && ssl-enabled-components==(ALL or all components listed) && 
> security-manager.isSet == true_
>  * New property _security-common-name_ for _security-manager.authentication_ 
> method should be introduced
>  * New integration and unit tests



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to