Encryption, SSL secure communication, authentication, and authorization features help to secure the cluster.
Security features include:
An authentication and authorization mechanism forms the core of the internal security of the cluster. Communications may be further protected by enabling SSL for data in transit.
Authentication verifies the identity of communicating components, leading to control over participation. The variety of participants include peer members, servers, clients, originators of JMX operations, Pulse, gateway senders and receivers representing WAN members of the system, and commands arriving from
gfsh on behalf of system users or administrators.
Connection requests trigger the invocation of an authentication callback. This special-purpose callback is written as part of the application, and it attempts to authenticate the requester by whatever algorithm it chooses. The result is either a returned principal representing the requester's authenticated identity or an exception indicating that the requester has not been authenticated. The principal becomes part of any request for operations, which go through the authorization process.
Given authentication, isolation and access to cache data and system state can be further protected by implementing the authorization mechanism, also implemented as a special-purpose callback as part of the application. For example, the protection may be to permit only certain system administrators to start and stop servers. The authority to do this needs to be limited to specific verified accounts, preventing those without the authorization. An implementation of the authorization callback will require that an authenticate identity accompanies all requests to the system, and that the system maintains a representation of which identities are permitted to complete which actions or cache commands.