I am in favor of keeping the SSL thoughts separate from the RBAC thoughts, but I don't see any reason they couldn't share the same repository.
That said though, does putting it all into the Cluster Configuration Manager (CCM) make it so that you can only have security if you are using CCM for configuration? -- Mike Stolz Principal Engineer, GemFire Product Manager Mobile: 631-835-4771 On Fri, Sep 23, 2016 at 1:48 PM, Jinmei Liao <jil...@pivotal.io> wrote: > Hi, All, > > I am working on this ticket: > https://issues.apache.org/jira/browse/GEODE-1659. Basically, currently, > any > member(locator or server) needs to specify its own security-manager in > order to protect its data which could leads to misconfiguration and data > leak. So we would like to put it into the cluster configuration so any > member who wants to join the cluster will need to apply the same security > measures. > > Now Here is my question, should we only put the "security-manager" and > "security-post-processor" in the cluster config or any "security-*" > settings, which include SSL settings as well. > > Thanks! > > -- > Cheers > > Jinmei >
