Creating Users for BUILTIN Authentication

The GemFire XD BUILTIN authentication provider is suitable for development and testing only. When using this security mechanism, the GemFire XD system maintains the repository of username and password information.

BUILTIN User Accounts

The BUILTIN provider supports two different types of user account:
  • System user accounts are visible to all members of the GemFire XD system, and have privileges to join members to the cluster and shut down cluster members. The list of valid system users is established using system properties when you boot a GemFire XD server or locator. You should use only a few system-level users in a GemFire XD deployment (for example, one system user for a standalone locator and one for GemFire XD servers).

    You create user names and passwords for system users by specifying them with the gemfirexd.user.<UserName>=<password> property in the file. See Create and View System Users.

  • Distributed system user accounts are used to establish connections to a GemFire XD cluster and to protect database resources using SQL authorization. You define distributed system user credentials by connecting to a running GemFire XD system and executing a built-in procedure. Privileges on individual database resources are then granted using SQL commands. See Create Distributed System Users.
Note: The GemFire XD built-in authentication mechanism is suitable only for development and testing purposes. Production systems should use LDAP or a user-defined class for authentication. Production systems should also use SSL/TLS to protect network connections.