SecurityManager and the old AccessControl can't work together. The
postprocessor is supposed to cover field level security, but due to
GEODE-2153, we need to enhance post-processor to include more information
(either what field the query is accessing or the entire query string) in
order to truly su
You cannot use SecurityManager AND AccessControl/Authenticator at the same
time. It's either SecurityManager or the old callbacks but not both.
The authorizeOperation callback is specific to OperationContext.
OperationContext is deprecated in favor of ResourcePermission which
reorganizes everythin
We should also keep in mind this may not be possible when using an actual,
robust security framework like *Apache Shiro*, or *Shiro* may provide
different callbacks/mechanisms/extensions.
This should be taken into account in the "solution" since most sensible
users will use a well-known, proven se
The old security framework had an authorizeOperation method that had enough
information to be able to inspect and modify an OQL string before it would
be executed. That whole framework is now deprecated, but I feel like it's a
really powerful feature being able to modify OQL in such a way as to
sup
