Default authentication

The Default Authentication is used when security is enabled and no explicit authentication configuration is provided. It can happen when:

  • member-authentication is not configured

  • the security realm referenced by member-authentication doesn’t contain the authentication configuration

  • client-authentication is not configured

  • the security realm referenced by client-authentication doesn’t contain the authentication configuration.

The behavior of the default authentication mechanism depends on member’s identity configuration (i.e., identity configuration in the security realm referenced from member-authentication). If the identity is configured as a username-password, then the authenticated username and password credentials are checked for equality with these configured ones. In all other cases, only the incoming cluster name is checked for equality with the one configured on the authenticating member.