A hash is not guaranteed unique so is not suitable as a security token. -- Mike Stolz Principal Engineer, GemFire Product Manager Mobile: +1-631-835-4771
On Fri, Aug 25, 2017 at 4:49 PM, galen-pivotal <g...@git.apache.org> wrote: > Github user galen-pivotal commented on the issue: > > https://github.com/apache/geode/pull/719 > > @metatype We need the `StreamAuthenticator` to receive and send > (Protobuf-encoded) messages containing the credentials that get passed to > the `SecurityManager`. I would think that ideally it's nothing more than > this. > > I wonder if it would be better to send a hash that gets put into the > Properties that SecurityManager uses, rather than having a message that > explicitly contains username and password. > > > --- > If your project is set up for it, you can reply to this email and have your > reply appear on GitHub as well. If your project does not have this feature > enabled and wishes so, or if the feature is enabled but not working, please > contact infrastructure at infrastruct...@apache.org or file a JIRA ticket > with INFRA. > --- >
