Summary: Security functions of the Space Container, Security Filter, Space Accounts File, Stub Handler, and Secured Proxy.

Overview

Name Description
Space Container The space container manages the space life cycle. The space container has basic control capabilities that allow the administrator to enable READ-ONLY or FULL-CONTROL access to the container. Each space container includes administrator user credentials. Only this user is authorized to modify the space security settings (Security Filter) running at the container. The administrator user and password are defined during installation.
Security Filter The security filter probes and intercepts incoming calls to a specific space node. Interception occurs in predefined hooks, such as a proxy initialization, before and after write operations, and before read and take operations. GigaSpaces provides a generic filtering mechanism. Filters are installed as a plug-in to the space via the space configuration file. The default security filter addresses both the authentication and authorization of the space. Since the security model is based on a plug-in mechanism, users can provide their custom authentication and authorization filters either by extending the default filter or by re-implementing it. Custom roles can be defined. These block space operations based on entry class type and field value content. Polymorphism class based support allows a class to inherit its super class security attributes.
Space Accounts File The Space accounts file contains usernames, passwords, system roles and user-defined custom roles. A simple driver is used to access this information. This information is stored by default in an encrypted file located at <GigaSpaces Root>\security\default-users. This file is utilized by the default security filter to authenticate a user and to determine whether that user is allowed to perform specific operations on the space, based on the user's role(s).
Stub Handler The Stub Handler generates stubs for its space proxies. The stub is embedded within the space proxy. GigaSpaces provides two stub handlers: a default that generates RMI stubs and an SSL handler that generates RMI over SSL stubs. The GigaSpaces security mechanism uses the latter to generate SSL stubs. As with the filters and the account file, this driver can be replaced by a customized driver.
Secured Proxy A secured proxy includes support for authorization and authentication. It also implements a client side access control.
GigaSpaces.com - Legal Notice - 3rd Party Licenses - Site Map - API Docs - Forum - Downloads - Blog - White Papers - Contact Tech Writing - Gen. by Atlassian Confluence