XAP7 == "XAP9NET" || XAP7 == "XAP9" || XAP7 == "XAP9NET")


Search XAP 7.0
Searching XAP 7.0.X Documentation
Browse XAP 7.0
Offline Documentation

Download latest offline documentation in HTML format:
xap-7.0.2-documentation.zip (12.3MB)


Summary: This section describes the security model since GigaSpaces XAP 7.0.1.
It is highly recommended to use version 7.0.1. The security implementation of older version is deprecated and is no longer supported in version 7.0.1 onwards. Users of the older versions can find the documentation of the older mechanism here


This section provides an understanding of GigaSpaces XAP Security, where it fits in the GigaSpaces architecture, which components can be secured, and how to configure and customize the security depending on your application security requirements.


What is GigaSpaces Security

GigaSpaces Security provides comprehensive support for securing your data, services or both. GigaSpaces provides a set of authorities granting privileged access to data and for performing operations on services.

As you probably know, security comprises two major operations: "authentication" and "authorization". "Authentication" is the process of establishing and confirming the authenticity of a principal. A principal in GigaSpaces terms means a user (human or software) performing an action in your application. "Authorization" refers to the process of deciding whether a principal is allowed to perform this action. The flow is for a principal to be established by the authentication process and then be authorized by the authorization decision process when performing actions. These concepts are common, and not specific to GigaSpaces Security.

At an authentication level, GigaSpaces security is equipped with standard encryption algorithms (such as AES and MD5), which can be easily configured and replaced. The authentication layer is provided with a default implementation, which can be customized to integrate with other security standards (i.e. Spring Security). This layer is also known as the "authentication manager".

The authentication layer is totally independent from the authorization decision layer. The "authorization decision manager" is internal to GigaSpaces components and is used to intercept unauthorized access/operations to data and services.

GigaSpaces security architecture, as of 7.0.1, has been redesigned to meet the needs of enterprise application security. We have tried to provide a complete experience throughout all the components - for a useful, configurable and extendable security system.

Getting Started

To help you get started, the section goes through the basics, how to secure the components, administration tools, applying security to the HelloWorld example and finally once you gain an in-depth understanding shows how to customize the security based on your application requirements.

If you are migrating your security to GigaSpaces XAP 7.0.1, we suggest to read the short migration introduction.

Section Contents

IMPORTANT: This is an old version of GigaSpaces XAP. Click here for the latest version.