1. Available commands 4.5.2. Subshell and completion mode 4.5.3. Unix like environment 4.5.4. Security 4.6. Remote 4.6.1. SSHd server 4.6.2. JMX MBeanServer 4.7. Log 4.7.1. Configuration files 14. Security 4.14.1. Realms 4.14.2. Users, groups, roles, and passwords 4.14.3. Passwords encryption 4.14.4. Managing authentication by key 4.14.5. RBAC 4.14.6. SecurityMBean 4.14.7. Security providers a features XML (karaf-feature-archetype) 5.13.5. Create a KAR file (karaf-kar-archetype) 5.14. Security framework 5.14.1. Overview 5.14.2. Schema and Deployer 5.14.3. Architecture 5.14.4. Available

the console remotely. The management layer is also accessible remotely. • Security: Apache Karaf provides a complete security framework (based on JAAS), and providing RBAC (Role-Based Access Control) mechanism class ... ProtectionDomain ProtectionDomain null null java.security.Permissions@6521c24e ( ("java.security.AllPermission" "" "") ) Signers the developers guide for details. USING THE CONSOLE 47 SECURITY The Apache Karaf console supports a Role Based Access Control (RBAC) security mechanism. It means that depending of the user connected

apache.kafka.common.serialization.StringSerializer # Name of the topic #topic=decanter # Security (SSL) #security.protocol=SSL # SSL truststore location (Kafka broker) and password #ssl.truststore.location=${karaf JKS) #ssl.keystore.type=JKS # Security (SASL) # For SASL, you have to configure Java System property as explained in http://kafka.apache.org/documentation.html#security_ssl karaf@root()> feature:install ############ Security ################################ # Uncomment if you want to enable JSONP as a valid return transport on the # http server. With this enabled, it may pose a security risk, so disabling

com.sun.jmx.remote.opt, \ com.sun.jmx.remote.opt.internal, \ com.sun.jmx.remote.opt.security, \ com.sun.jmx.remote.opt.util, \ com.sun.jmx.remote.profile, \ com.sun.jmx.remote.profile apache.kafka.common.serialization.StringSerializer # Name of the topic #topic=decanter # Security (SSL) #security.protocol=SSL # SSL truststore location (Kafka broker) and password #ssl.truststore.location=${karaf JKS) #ssl.keystore.type=JKS # Security (SASL) # For SASL, you have to configure Java System property as explained in http://kafka.apache.org/documentation.html#security_ssl The configuration is similar

especially: * the Hazelcast cluster identifiers (group name and password) * network discovery and security configuration karaf@root()> cluster: karaf@root()> feature:install cellar-event karaf@root()> to this group will be discovered, default will try all running instances --> <security-group-name>hazelcast-sgsecurity-group-name> type hz-nodes Third listens on all interfaces (0.0.0.0). But you can specify an interface: Finally, you can also enable security transport on the cluster. Two modes are supported: * SSL: • Symmetric Encryption: Cellar provides

especially: * the Hazelcast cluster identifiers (group name and password) * network discovery and security configuration karaf@root()> cluster: karaf@root()> feature:install cellar-event karaf@root()> to this group will be discovered, default will try all running instances --> <security-group-name>hazelcast-sgsecurity-group-name> type hz-nodes Third listens on all interfaces (0.0.0.0). But you can specify an interface: Finally, you can also enable security transport on the cluster. Two modes are supported: • SSL: • Symmetric Encryption: Cellar provides