Details
-
New Feature
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
Description
Every Redis Command/API invocation must be authorized against the customer provided Security Manager.
The SecurityManager.authorize method must be called for every Redis API call using the principal returned by the SecurityManager.authenticate method during the authentication process.
The ResourcePermission passed to the authorize method should be the same for all operations. The actual permission string is TBD - perhaps DATA:WRITE:REDIS_DATA ?? In the future we may provide more fine grained support with different ResourcePermissions for different redis operations.
Acceptance Criteria
TBD
Attachments
Issue Links
- is blocked by
-
GEODE-9546 Enable Redis Server to Authenticate Using SecurityManager
- Closed
- links to