Process and Multiuser Authentication

Client connections can be authenticated at two levels, process and multiuser.

  • Process. Each pool creates a configured minimum number of connections across the server group. The pool accesses the least-loaded server for each cache operation.

    Process-level connections represent the overall client process and are the standard way a client accesses the server cache.

  • Multi-user. Each user/pool pair creates a connection to one server and then sticks with it for operations. If the server is unable to respond to a request, the pool selects a new one for the user.

    Typically, application servers or web servers that act as clients to GemFire servers make multi-user connections. Multi-user allows a single application or web server process to service a large number of users with varied access permissions.

By default, server pools use process-level authentication. Enable multi-user authentication by setting a pool’s multi-user-secure-mode-enabled attribute to true.

Credentials can be sent in encrypted form using the Diffie-Hellman key exchange algorithm. See Encrypt Credentials with Diffe-Hellman for more information.