Feature #12
define clusters of nodes, restrict participation
| Status: | Closed | Start: | 09/25/2009 |
|---|---|---|---|
| Priority: | Normal | Due date: | |
| Assigned to: | | % Done: | 100% |
| Category: | - | Target version: | 0.5.2 |
Description
Currently, all computers on a network that run BundleBee will automatically participate with the grid. This is not always desired.
It should be possible to define a closed cluster of nodes that can participate in a grid.
One way is to configure a password with the node. Only nodes knowing the password will be recognized as participants.
History
Updated by Jörg Plewe over 2 years ago
- Target version changed from 0.5.3 to 0.5.2
Updated by Jörg Plewe over 2 years ago
- Status changed from New to Resolved
- % Done changed from 0 to 100
See Security
BundleBee accomplishes that by optionally signing each message sent by the Registry using state-of-the-art cryptographic means.
Therefore, someone (the admin) needs to define a secret that is shared by all nodes that are destined for the cluster:
org.bundlebee.registry.security.sharedsecret=ESVfzTKojjQ77htPgPpznfSFY6pzsRXz
This password is used to create a 256-bit key using the PBKDF2WithHmacSHA1 algorithm. The key in turn goes into an HMAC signature that is based on a SHA256 hash function.
The HMAC and the message (in clear text) are then transmitted together. The receiver will compute the HMAC from the message on his own and compare it to the received one. In case of equality, the message is considered to come from an authorized node from the same cluster.
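The scheme described in the comment above, as an added Python sketch (not BundleBee's own code, which this page does not show). The salt, the iteration count and the tag-then-message packet layout are assumptions, since the page states only the algorithms and the key size.

```python
import hashlib
import hmac

# Assumptions, not taken from the page: salt, iteration count, packet layout.
SALT = b"example-cluster-salt"   # hypothetical salt shared by all nodes
ITERATIONS = 10_000              # hypothetical PBKDF2 iteration count
TAG_LEN = 32                     # HMAC-SHA256 output size in bytes


def derive_key(shared_secret: str) -> bytes:
    """Derive a 256-bit key with PBKDF2 over HMAC-SHA1 (PBKDF2WithHmacSHA1)."""
    return hashlib.pbkdf2_hmac(
        "sha1", shared_secret.encode("utf-8"), SALT, ITERATIONS, dklen=32
    )


def sign(key: bytes, message: bytes) -> bytes:
    """Return tag || message; the message itself stays in clear text."""
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return tag + message


def verify(key: bytes, packet: bytes):
    """Return the message if its HMAC matches, otherwise None."""
    if len(packet) < TAG_LEN:
        return None  # too short to even carry a tag
    tag, message = packet[:TAG_LEN], packet[TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # Constant-time comparison, so the check does not leak how many
    # leading bytes of a forged tag were correct.
    if hmac.compare_digest(tag, expected):
        return message
    return None


if __name__ == "__main__":
    # Sample secret as shown on the page; the messages are constructed.
    cluster_key = derive_key("ESVfzTKojjQ77htPgPpznfSFY6pzsRXz")
    outsider_key = derive_key("some-other-secret")
    packet = sign(cluster_key, b"registry: node-a offers bundle X")
    print("same cluster :", verify(cluster_key, packet))
    print("other secret :", verify(outsider_key, packet))
    print("tampered     :", verify(cluster_key, packet[:-1] + b"Y"))
```

The HMAC authenticates the message but does not hide it, which matches the clear-text transmission described above.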
Updated by Philipp Haußleiter about 2 years ago
- Status changed from Resolved to Closed