New Security in Apache Geode

October 19, 2016

Hear about the new security framework released in Apache Geode 1.0 M3. This framework provides a simplified implementation based on Apache Shiro. Slides: http://www.slideshare.net/PivotalOpenSourceHub/new-security-framework-in-apache-geode 01:34 How do people interact with Geode in ways that need to be secured? 02:52 What security capabilities does Geode need to provide? 03:36 How did security work in Geode before? 06:49 Overview of new Geode security framework 08:14 Code for SecurityManager interface 10:21 About Users, Roles, Resource Permissions, and Operations 20:09 How to implement application-specific roles 23:05 How to implement data-member access control with post processing 25:30 Demo of framework using multiple GFSH users 36:19 Q: Can someone update security settings while the cluster is running? 40:46 How Geode uses Apache Shiro to implement security 42:55 Future directions or enhancing security with Apache Shiro 44:17 Q: How can the app developer know which user is executing a function? 46:50 How does the new security framework fit with Spring Security and Spring Data Geode? 50:42 For the next version of Geode, the old security paradigm is supported for backward compatibility 51:21 What releases of Geode have the new security functionality?

The Future of Product Management — Janice Fraser

This is a thought piece and call to action for product managers in the software industry. In this talk, Jan...

Next Video

Developing a Geospatial Webservice with Kotlin and Spring Boot

Recorded at SpringOne Platform 2016. Slides: http://www.slideshare.net/SpringCentral/developing-a-geospatia...

New Security in Apache Geode

Previous

Next Video

Related content in this Stream

Constantly pressured by external factors, the retail industry is facing a massive challenge that is driving a greater need for application modernization. One aspect of this for bricks and mortar store

Here at the Tanzu Division of Broadcom, our business is more committed than ever to innovating VMware Tanzu solutions and services. In this video hosted by industry expert and developer advocate, Mich

There are many tools in the market to facilitate the deployment of open source software as containers in an air-gapped environment. But deploying open source software as Helm charts in an air-gapped e

'The GemFire Side Chats' - brings to you candid conversations around Tanzu GemFire - the product, its features and usage. In this episode, we take you through the transformative role of Tanzu GemFire

Learn how you can gain deep visibility into your open source software supply chain with the Software Package Data Exchange (SPDX) standard software bill of materials (SBoM) from Tanzu Application Cata

If you're lucky enough to have platform group in your company, @thecote shares three things you should ask them to help you with. Read more about the Tanzu Application Service AI beta here: https://t

SOPS (Secrets OPerationS) is an editor of encrypted files and is a simple way to secure and manage sensitive assets. SOPS supports YAML, JSON, ENV, INI, and binary formats. By being able to integrate

Tanzu Application Catalog (an enterprise version of Bitnami Application Catalog) is a catalog of trusted, continuously maintained, and verifiably tested open source software images that is custom-buil

Welcome to an engaging and insightful webinar tailored for Spring Java developers, security teams, and software leaders. We're diving deep into the cutting-edge advancements in the Spring ecosystem –

In this episode, we explore the key features of Spring and why it is so prevalent within the modern application market. Together, lets dive into details on the world's most popular java framework an

Tanzu Developer Advocate and Enlightning host Whitney Lee speaks with Tanzu Solutions Architect, Alex Barbato to unpack the Software Bill of Material (SBOM). SBOMs have gained a lot of attention in th

OpenFGA is a flexible authorization engine built for developers and designed to make it easy for them to model their application permissions and add and integrate fine-grained authorization into their

The Open Policy Containers project provides a secure software supply chain for Open Policy Agent (OPA) policies, enabling a policy-as-code workflow for maintainers and consumers of policies to easily

Yahoo developed and open sourced a service authentication and role-based authorization system called Athenz to address the core zero trust principles. Yahoo uses Athenz to bootstrap their instances de

Start here: https://cote.io/springbill/ Also, see @dashaun's video here: https://www.youtube.com/watch?v=p6iE6hMU9q4

Network Service Mesh takes concepts from traditional L7 application service meshes and brings them down to L3 payloads, enabling your workloads to get the connectivity, security, and observability the

Confidential Containers allow users to run sensitive cloud native workloads in an untrusted cloud. We'll explore how this is possible and how you can use the project with your own workloads. Join h

Fresh from working on developer platforms at Uber, Serdar Badem tells us his experience working on improving developer productivity. He's working at Tanzu now and so he also discusses the work we're d

Explore SPIFFE (Secure Production Identity Framework For Everyone), a CNCF project revolutionizing identity management in cloud-native systems. This session introduces you to SPIFFE’s approach to