| --- |
| title: Configuring Authentication by the Cache Server |
| --- |
| |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| |
| When the cache server receives client credentials during the handshake operation, the server authenticates the client with the callback configured in the `security-client-authenticator` system property. The handshake succeeds or fails depending on the results of the authentication process. |
| |
| Here is an example of how you could configure `security-client-authenticator` in the `geode.properties` file: |
| |
| ``` pre |
| security-client-authenticator=templates.security.PKCSAuthenticator.create |
| ``` |
| |
| In the preceding configuration sample, `PKCSAuthenticator` is the callback class implementing the `Authenticator` interface and `create` is its factory method. |
| |
| The following example shows an implementation of the static `create` method: |
| |
| ``` pre |
| public static Authenticator create() { |
| return new PKCSAuthenticator(); |
| } |
| ``` |
| |
| |