This section provides an understanding of GigaSpaces XAP Security, where it fits in the GigaSpaces architecture, which components can be secured, and how to configure and customize the security depending on your application security requirements.
GigaSpaces Security provides comprehensive support for securing your data, services or both. GigaSpaces provides a set of authorities granting privileged access to data and for performing operations on services.
As you probably know, security comprises two major operations: "authentication" and "authorization". "Authentication" is the process of establishing and confirming the authenticity of a principal. A principal in GigaSpaces terms means a user (human or software) performing an action in your application. "Authorization" refers to the process of deciding whether a principal is allowed to perform this action. The flow is for a principal to be established by the authentication process and then be authorized by the authorization decision process when performing actions. These concepts are common, and not specific to GigaSpaces Security.
At an authentication level, GigaSpaces security is equipped with standard encryption algorithms (such as AES and MD5), which can be easily configured and replaced. The authentication layer is provided with a default implementation, which can be customized to integrate with other security standards (i.e. Spring Security). This layer is also known as the "authentication manager".
The authentication layer is totally independent from the authorization decision layer. The "authorization decision manager" is internal to GigaSpaces components and is used to intercept unauthorized access/operations to data and services.
GigaSpaces security architecture, as of 7.0.1, has been redesigned to meet the needs of enterprise application security. We have tried to provide a complete experience throughout all the components - for a useful, configurable and extendable security system.
To help you get started, the section goes through the basics, how to secure the components, administration tools, applying security to the HelloWorld example and finally once you gain an in-depth understanding shows how to customize the security based on your application requirements.
If you are migrating your security to GigaSpaces XAP 7.0.1, we suggest to read the short migration introduction.