Please see comments inline. - If I choose user-level authentication and have 1,000 concurrent users, how many client connections to the Geode server will there be? - >> It'll be a connection per concurrent user as along as pool's 'max-connections' is not crossed. - Am I better off using process-level authentication? - >> In what context? Each caters to a different use case as outlined in the doc as you may have noticed already. With user-level authentication, you are authenticating multiple users instead of just one. - Who keeps track of the user-level authentication principal: the client itself, locators or servers? - >> Servers authenticate the client connections and keep track of authentication principal against an unique id for each user. With each subsequent operation, client sends this user-id to the server. - If locators and/or servers store user-level authentication principal; where do they store it: private region, private file? - >> Authentication principal is wrapped (in AuthorizeRequest/PP) and stored in a map which has the user-id as its key.
Regards, Amogh. On Wed, Jul 1, 2015 at 10:04 AM, gtantachuco . <[email protected]> wrote: > All, > This link explains user-level client authentication: > > http://geode-docs.cfapps.io/docs/managing/security/how_authentication_works.html > > I am curious about the inner workings of this user-level client > authentication: > > - If I choose user-level authentication and have 1,000 concurrent > users, how many client connections to the Geode server will there be? > - Am I better off using process-level authentication? > - Who keeps track of the user-level authentication principal: the > client itself, locators or servers? > - If locators and/or servers store user-level authentication > principal; where do they store it: private region, private file? > > Any help you can provide will be greatly appreciated. > > -- > Best regards, > -Guillermo > >
