[
https://issues.apache.org/jira/browse/GEODE-9546?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dan Smith updated GEODE-9546:
-----------------------------
Description:
The Redis [AUTH|https://redis.io/commands/auth] command must be integrated with
the Geode SecurityManager.
# Remove the Geode property compatible-with-redis-password that currently
being used for the Redis password.
# Add a new geode property for the Redis default user ID,
compatible-with-redis-user
# When a user issues an AUTH Command, the server must call the authenticate
method on the customer's SecurityManager with the user (security-username
property) and the user provided password (security-password property) and
properly handle the AuthenticationFailedException. If the AUTH command was
called without a user the value of compatible-with-redis-user should be used.
# The Object/Principal returned from a successful authenticate method call
must be cached, associated with the client connection, and available for reuse
in subsequent authorization calls.
+Acceptance Criteria+
When a security manager is configured, redis clients that don't AUTH with a
valid password cannot perform operations. Redis clients that do AUTH with a
valid password can perform redis operations.
was:
The Redis [AUTH|https://redis.io/commands/auth] command must be integrated with
the Geode SecurityManager.
# Remove the Geode property compatible-with-redis-password that currently
being used for the Redis password.
# Add a new geode property for the Redis default user ID,
compatible-with-redis-user
# When a user issues an AUTH Command, the server must call the authenticate
method on the customer's SecurityManager with the default Redis User
(security-username property) and the user provided password (security-password
property) and properly handle the AuthenticationFailedException.
# The Object/Principal returned from a successful authenticate method call
must be cached, associated with the client connection, and available for reuse
in subsequent authorization calls.
+Acceptance Criteria+
When a security manager is configured, redis clients that don't AUTH with a
valid password cannot perform operations. Redis clients that do AUTH with a
valid password can perform redis operations.
> Enable Redis Server to Authenticate Using SecurityManager
> ---------------------------------------------------------
>
> Key: GEODE-9546
> URL: https://issues.apache.org/jira/browse/GEODE-9546
> Project: Geode
> Issue Type: New Feature
> Reporter: Wayne
> Priority: Major
>
> The Redis [AUTH|https://redis.io/commands/auth] command must be integrated
> with the Geode SecurityManager.
> # Remove the Geode property compatible-with-redis-password that currently
> being used for the Redis password.
> # Add a new geode property for the Redis default user ID,
> compatible-with-redis-user
> # When a user issues an AUTH Command, the server must call the authenticate
> method on the customer's SecurityManager with the user (security-username
> property) and the user provided password (security-password property) and
> properly handle the AuthenticationFailedException. If the AUTH command was
> called without a user the value of compatible-with-redis-user should be used.
> # The Object/Principal returned from a successful authenticate method call
> must be cached, associated with the client connection, and available for
> reuse in subsequent authorization calls.
> +Acceptance Criteria+
>
> When a security manager is configured, redis clients that don't AUTH with a
> valid password cannot perform operations. Redis clients that do AUTH with a
> valid password can perform redis operations.
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
