Default authentication
| When Hazelcast security is enabled, we recommended you explicitly specify authentication types for client-to-member and member-to-member authentication. The default authentication method described in this section is kept in Hazelcast for backward compatibility reasons. |
Default authentication is used when security is enabled and no explicit authentication configuration is provided. This can happen when:
-
member-authenticationis not configured -
the security realm referenced by
member-authenticationdoesn’t contain theauthenticationconfiguration -
client-authenticationis not configured -
the security realm referenced by
client-authenticationdoesn’t contain theauthenticationconfiguration
The behavior of the default authentication mechanism depends on the member’s identity configuration
(i.e. identity configuration in the security realm referenced from member-authentication).
If the identity is configured as a username-password, then the authenticated username and password
credentials are checked for equality with these configured ones. In all other cases, only the incoming
cluster name is checked for equality with the one configured on the authenticating member.
