> On Sep 17, 2016, at 5:29 PM, Swapnil Bawaskar <[email protected]> wrote: > > So, my proposal for issues to be targeted for 1.0 is: > GEODE-136 Fix possible NullPointerException in Gfsh's 'list regions' > command's GetRegionsFunction > GEODE-1466 Branding: rename gemfire.properties file to geode.properties file > GEODE-17 Provide Integrated Security > GEODE-37 (package renaming) > GEODE-1791 (LICENSE update)
GEODE-17 implies:
GEODE-1569 (add post authorization processing in JMX and CLI commands)
GEODE-1570 (secure developer REST API)
GEODE-1571 (Client security should be able to use Resource:Operation
permissions)
GEODE-1648 (Provide ability to disable security for some components) **
GEODE-1643 (The new SecurityManager need to authenticate the gateway
sender/receiver as well)
GEODE-1659 (Prevent misconfiguration of Integrated Security)
Were you thinking all these security enhancements should be included in 1.0.0?
Seems like that could potentially be a lengthy process. Does it make sense to
release at these changes incrementally?
The other items in scope for 1.0.0 look good to me.
Anthony
** there was a recent discussion on this topic where the suggestion was to not
allow per-component RBAC configuration:
https://mail-archives.apache.org/mod_mbox/incubator-geode-dev/201609.mbox/%3ccangouwssfmszbmlv9eq2kavgjtj_t2f1ad-qra8gzqmeq4t...@mail.gmail.com%3e
signature.asc
Description: Message signed with OpenPGP using GPGMail
