Annotation Interface EnableAuth
@Target(TYPE)
@Retention(RUNTIME)
@Inherited
@Documented
@Import(AuthConfiguration.class)
@UsesGemFireProperties
public @interface EnableAuth
The
EnableAuth
annotation marks a Spring @Configuration
annotated Class
to configure and enable Pivotal GemFire/Apache Geode's Authentication and Authorization framework and services.- Since:
- 1.9.0
- Author:
- John Blum
- See Also:
-
Optional Element Summary
Modifier and TypeOptional ElementDescriptionUsed for authorization.Used for authorization.Used for authentication.Used for authentication.Used for authentication.Used with authentication.Used with authentication.long
Used with authentication.Used with authentication.Used with authentication.Used for authentication.
-
Element Details
-
clientAccessor
String clientAccessorUsed for authorization. Static creation method returning anAccessControl
object, which determines authorization of client-server cache operations. This specifies the callback that should be invoked in the pre-operation phase, which is when the request for the operation is received from the client. Defaults to unset. Use the spring.data.gemfire.security.client.accessor property in application.properties.- Default:
- ""
-
clientAccessorPostProcessor
String clientAccessorPostProcessorUsed for authorization. The callback that should be invoked in the post-operation phase, which is when the operation has completed on the server but before the result is sent to the client. The post-operation callback is also invoked for the updates that are sent from server to client through the notification channel. Defaults to unset. Use the spring.data.gemfire.security.client.accessor-post-processor property in application.properties.- Default:
- ""
-
clientAuthenticationInitializer
String clientAuthenticationInitializerUsed for authentication. Static creation method returning anAuthInitialize
object, which obtains credentials for clients. The obtained credentials should be acceptable to theAuthenticator
specified through the security-client-authenticator property on the clients. Defaults to unset. Use the spring.data.gemfire.security.client.authentication-initializer property in application.properties.- Default:
- ""
-
clientAuthenticator
String clientAuthenticatorUsed for authentication. Static creation method returning anAuthenticator
object, which is used by a server to verify the credentials of the connecting client. Defaults to unset. Use the spring.data.gemfire.security.client.authenticator property in application.properties.- Default:
- ""
-
clientDiffieHellmanAlgorithm
String clientDiffieHellmanAlgorithmUsed for authentication. For secure transmission of sensitive credentials like passwords, you can encrypt the credentials using the Diffie-Hellman key exchange algorithm. Do this by setting the security-client-dhalgo system property on the clients to the name of a valid symmetric key cipher supported by the JDK. Defaults to unset. Use the spring.data.gemfire.security.client.diffie-hellman-algorithm property in application.properties.- Default:
- ""
-
peerAuthenticationInitializer
String peerAuthenticationInitializerUsed with authentication. Static creation method returning anAuthInitialize
object, which obtains credentials for peers in a distributed system. The obtained credentials should be acceptable to theAuthenticator
specified through the security-peer-authenticator property on the peers. Defaults to unset. Use the spring.data.gemfire.security.peer.authentication-initializer property in application.properties.- Default:
- ""
-
peerAuthenticator
String peerAuthenticatorUsed with authentication. Static creation method returning anAuthenticator
object, which is used by a peer to verify the credentials of the connecting peer. Defaults to unset. Use the spring.data.gemfire.security.peer.authenticator property in application.properties.- Default:
- ""
-
peerVerifyMemberTimeout
long peerVerifyMemberTimeoutUsed with authentication. Timeout in milliseconds used by a peer to verify membership of an unknown authenticated peer requesting a secure connection. Defaults to 1000 milliseconds. Use the spring.data.gemfire.security.peer.verify-member-timeout property in application.properties.- Default:
- 1000L
-
securityLogFile
String securityLogFileUsed with authentication. The log file for security log messages. If not specified, the member’s regular log file is used. Defaults to unset. Use the spring.data.gemfire.security.log.file property in application.properties.- Default:
- ""
-
securityLogLevel
String securityLogLevelUsed with authentication. Logging level detail for security log messages. Valid values from lowest to highest are fine, config, info, warning, error, severe, and none. Defaults to config. Use the spring.data.gemfire.security.log.level property in application.properties.- Default:
- "config"
-
securityPropertiesFile
String securityPropertiesFileUsed for authentication. Any custom properties needed by yourAuthInitialize
orAuthenticator
callbacks store in an externalProperties
file. Any security-related (properties that begin with security-*) configuration properties that are normally configured in gemfire.properties can be moved to a separate gfsecurity.properties file. Placing these configuration settings in a separate file allows you to restrict access to security configuration data. This way, you can still allow read or write access for your gemfire.properties file. Defaults to unset. Use the spring.data.gemfire.security.properties-file property in application.properties.- Default:
- ""
-