Configuring Authentication

When you enable user authentication, a valid username and password are required in order to start up a new GemFire XD member in the distributed system; join an existing distributed system; and connect to a running GemFire XD distributed system. GemFire XD verifies the name and password against a repository of users that is defined for the system. Authentication is not enabled by default.

GemFire XD authenticates users credentials against a repository of users that you specify. GemFire XD provides a built-in repository, or you can configure the system to use an LDAP directory service or a custom authentication service that you create.

Note: The GemFire XD built-in authentication mechanism is suitable only for development and testing purposes. Production systems should use an LDAP repository or custom directory service, and should secure network connections using SSL/TLS.

After GemFire XD authenticates a user, it grants the user access to the GemFire XD distributed system, either by starting up the GemFire XD member in a new distributed system, joining the member to an existing distributed system, or simply connecting to a distributed system as a client. Authenticated users may also access to database objects according to the SQL authorization configuration. (SQL authorization is not enabled by default).

Note: Because GemFire XD can be embedded within a Java application, it is also possible to deploy a system in which the Java application, rather than the embedded GemFire XD process, handles user authentication.