XAP

Custom Security

This section assumes that you are familiar with basic security concepts, and with GigaSpaces-specific security configurations. Before implementing custom security from scratch, consider the following alternatives:

GigaSpaces security was designed with customization in mind. There are numerous security standards and practices, so users can implement the built-in security features out of the box, or customize them to suit the needs of the industry and environment.

You can customize the security protocols for the following:

Packaging and Classpath

The most common scenario is for all services to share the same custom security. This is easily accomplished by placing the custom implementation classes in the lib/optional/security directory.

You can use a different directory by configuring the com.gigaspaces.lib.opt.security system property.

$GS_HOME/lib/optional/security/my-custom-security.jar

Processing UnitsClosed This is the unit of packaging and deployment in the GigaSpaces Data Grid, and is essentially the main GigaSpaces service. The Processing Unit (PU) itself is typically deployed onto the Service Grid. When a Processing Unit is deployed, a Processing Unit instance is the actual runtime entity. can share a custom security implementation that may differ from that of the GSMClosed Grid Service Manager. This is is a service grid component that manages a set of Grid Service Containers (GSCs). A GSM has an API for deploying/undeploying Processing Units. When a GSM is instructed to deploy a Processing Unit, it finds an appropriate, available GSC and tells that GSC to run an instance of that Processing Unit. It then continuously monitors that Processing Unit instance to verify that it is alive, and that the SLA is not breached. and GSCs. In this case, the custom security JAR can be placed under pu-common.

$GS_HOME/lib/optional/pu-common/my-pu-custom-security.jar

If each Processing Unit has its own custom security implementation, the custom security JAR can be part of the Processing Unit distribution.

$GS_HOME/deploy/hello-processor/lib/my-processor-custom-security.jar

We recommend that the custom security JAR contain only security-related classes.