[
https://issues.apache.org/jira/browse/GEODE-10563?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jinwoo Hwang reassigned GEODE-10563:
------------------------------------
Assignee: Jinwoo Hwang
> Testcases — Server-Only TLS with Application-Layer Authentication
> -----------------------------------------------------------------
>
> Key: GEODE-10563
> URL: https://issues.apache.org/jira/browse/GEODE-10563
> Project: Geode
> Issue Type: Improvement
> Reporter: Jinwoo Hwang
> Assignee: Jinwoo Hwang
> Priority: Major
>
> h3. Summary
> Create testcases to validate a Server-only TLS deployment where servers
> present public (or internal) TLS certificates for encryption but clients
> authenticate using application-layer credentials (username/password, tokens,
> or mutual application-level certificates). Tests cover connectivity, auth
> flows, misconfiguration, and security/regression scenarios. Use these
> testcases to create individual JIRA test tickets.
> h3. Test environment / prerequisites
> - Java runtime matching CI environment
> - Keystore/truststore artifacts for servers (public or internal CA-signed)
> - Authentication backends: built-in security manager, LDAP/JAAS stub, token
> auth service (if used)
> - Nodes available: at least 2 servers (peers), 1 locator, 2 clients (one
> using valid app credentials, one invalid)
> - Ensure `ssl-keystore-type=JKS`, `ssl-truststore-type=JKS` are configurable
> in test node properties
> h3. Acceptance criteria
> - Test is reliable and reproducible in CI.
> - Test asserts TLS encryption is active and that application-layer
> authentication and authorization succeed/fail as expected with clear log
> evidence.
> - Performance tests should include baseline comparisons and documented
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
