/commented by steve neal/ Hi Dimitry.
Our cluster is already configured to use I.P. discovery as our machines are not on the same sub-net. However, this is not sufficiently secure for our requirements as we work in a heavily audited industry. For example, it is currently possible for a developer to releases a component in our test environment and accidentally configures it with a production I.P. address for discovery, their component would then unwittingly join the prod cluster from a test/development environment. I've seen there are a lot of Security processors and a plugin mechanism that allows me to override the core services in the Kernal, but I do not know which of these to swap our to be able to implement a white-list policy. I've tried without much success at changing the GridSecurityProcessor. Am I looking in the right place? Is there a simpler approach? The plugins are quite complex. Thanks. ----- /This post is migrated from now discontinued Apache Ignite forum at http://apacheignite.readme.io/v1.0/discuss/ -- View this message in context: http://apache-ignite-users.70518.x6.nabble.com/Securing-a-cluster-tp32p34.html Sent from the Apache Ignite Users mailing list archive at Nabble.com.
