6 Replies Latest reply on Mar 9, 2016 5:49 AM by Udit Mishra

    Doubts regarding authenticating clients.

    Udit Mishra Novice

      I tried to implement DIGEST-MD5 for authenticating hot rod client. It worked well. I created the user in ApplicationRealm, gave it some role, then later on I authenticated that user. So far, so good. But, I have certain doubts.

       

      1. I guess, I have to keep identical copies of application-user.properties and application-roles.properties in all the nodes. How would that work in a running cluster where I wil keep on adding users. Do I have to manually copy the files on all nodes each time I add a user??
      2. Does it require a restart of the nodes?
      3. If multiple clients access the same cluster, assuming they'll have different distributed caches (lets say based on instance name), how can I ensure that one UserA of instanceA can access only cache entries of cache instanceA. Do I have to define unique role for each instance?
      4. Is there any way that even if I share the same role for different cache (lets say an Admin role with permission All), UserA should be able to access only cache instanceA ? Even if that user accidentally tries to access cache instanceB, he should get an unauthorized access.