org.apache.geode.security (Apache Geode 1.15.1)

Interface Summary
Interface	Description
AccessControl	Deprecated since Geode 1.0, use `SecurityManager` instead
Authenticator	Deprecated since Geode 1.0, use `SecurityManager` instead
AuthInitialize	Specifies the mechanism to obtain credentials for a client or peer.
PostProcessor	PostProcessor allows the customer to massage the values seen by a particular user.
SecurableCommunicationChannels	This class defines all the static definitions for the `ConfigurationProperties.SSL_ENABLED_COMPONENTS` Since: Geode 1.0
SecurityManager	User implementation of a authentication/authorization logic for Integrated Security.

Class Summary
Class Description

ResourcePermission
ResourcePermission defines the resource, the operation, the region and the key involved in the action to be authorized.
Enum Summary
Enum Description

AuthTokenEnabledComponents

ResourcePermission.Operation

ResourcePermission.Resource

ResourcePermission.Target

Class Summary
Class	Description
ResourcePermission	ResourcePermission defines the resource, the operation, the region and the key involved in the action to be authorized.

Enum Summary
Enum	Description
AuthTokenEnabledComponents
ResourcePermission.Operation
ResourcePermission.Resource
ResourcePermission.Target

Exception Summary
Exception	Description
AuthenticationExpiredException	This exception is thrown by the SecurityManager's authorize method to indicate that the authentication has expired.
AuthenticationFailedException	Thrown if authentication of this client/peer fails.
AuthenticationRequiredException	Thrown if the distributed system is in secure mode and this client/peer has not set the security credentials.
GemFireSecurityException	The base class for all org.apache.geode.security package related exceptions.
NotAuthorizedException	Thrown when a client/peer is unauthorized to perform a requested operation.

Package org.apache.geode.security Description

Provides an API for plugging in authentication and authorization for members of a distributed system and clients.

GemFire security framework

The security framework tackles two requirements: authentication of nodes and authorization for operations. The authentication piece deals with authentication of nodes in a peer-to-peer network as well as of the clients that connect to the servers.

It is not our plan to provide a sophisticated security infrastructure built into GemFire. Most enterprise customers have their own authentication and entitlement management infrastructure and our plan is make sure the framework allows application administrators to delegate the responsibility to external providers.