diff --git a/geode-book/master_middleman/source/subnavs/geode-subnav.erb b/geode-book/master_middleman/source/subnavs/geode-subnav.erb
index 49cd752f975..b4ba7467a4c 100644
--- a/geode-book/master_middleman/source/subnavs/geode-subnav.erb
+++ b/geode-book/master_middleman/source/subnavs/geode-subnav.erb
@@ -159,6 +159,9 @@ limitations under the License.
+
+ Serialization
+
diff --git a/geode-docs/security/chapter_overview.html.md.erb b/geode-docs/security/chapter_overview.html.md.erb
index f75376d6f29..3984dd5ae4c 100644
--- a/geode-docs/security/chapter_overview.html.md.erb
+++ b/geode-docs/security/chapter_overview.html.md.erb
@@ -48,3 +48,7 @@ The security framework permits authentication of connecting components and autho
- **[SSL](../security/ssl_overview.html)**
SSL protects your data in transit between applications.
+
+- **[Serialization](../security/serialization.html)**
+
+ This section describes the serialization mechanisms available in Apache Geode, including global serialization filters and PDX serialization.
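Review bot: The new entry's description ("This section describes the serialization mechanisms available...") says what the page contains rather than what it protects, unlike the SSL entry directly above it ("SSL protects your data in transit between applications."). Suggest a parallel sentence stating the security benefit, for example that serialization filtering restricts which classes may be serialized and deserialized.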
diff --git a/geode-docs/security/implementing_security.html.md.erb b/geode-docs/security/implementing_security.html.md.erb
index fcccda0933f..d684346dbfc 100644
--- a/geode-docs/security/implementing_security.html.md.erb
+++ b/geode-docs/security/implementing_security.html.md.erb
@@ -37,6 +37,8 @@ SSL-based, rather than plain socket connections.
You can enable SSL separately for peer-to-peer, client, JMX, gateway senders and receivers, and HTTP connections.
- **Post processing of region data**. Return values for operations that
return region values may be formatted.
+- **Serialization**. Control and filter object serialization, particularly
+ in the context of security and performance.
## Overview
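Review bot: The added "Serialization" bullet is vague for a list of security features: "Control and filter object serialization, particularly in the context of security and performance" does not say what is filtered, and "performance" is out of place here. Suggest naming the control the new page describes, restricting which classes can be serialized and deserialized, and linking the bullet to serialization.html so readers can reach the configuration details.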
diff --git a/geode-docs/security/security_model.html.md.erb b/geode-docs/security/security_model.html.md.erb
index fc9ccafebea..1a7f3842b3d 100644
--- a/geode-docs/security/security_model.html.md.erb
+++ b/geode-docs/security/security_model.html.md.erb
@@ -22,9 +22,10 @@ Every component of Apache Geode is built with security considerations as a top p
solutions require user-specific design and implementation. Geode's default configuration combines maximum flexibility
and performance without any input needed from the user. Because of this, certain security measures like
**[authentication](authentication_overview.html)**,
-**[authorization](authorization_overview.html)** and
+**[authorization](authorization_overview.html)**,
+**[serialization](../security/serialization.html)** and
**[over-the-wire encryption](ssl_overview.html)**
-are absent from a default Geode installation.
+are absent from a default Geode installation.
It is highly recommended that users review Geode's security capabilities and implement them as they see fit. See the
**[Security Implementation Introduction and Overview](implementing_security.html)**
to get started with Apache Geode security.
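Review bot: Listing "serialization" among the measures that "are absent from a default Geode installation" reads as if Geode does not serialize by default; the new page describes a filter that has to be enabled, so the link text should be "serialization filtering". The link also uses `../security/serialization.html` while its neighbours in this sentence use bare relative names such as `authorization_overview.html`, and the `-`/`+` pair on "are absent from a default Geode installation." appears to differ only in whitespace and can be dropped.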
@@ -33,3 +34,4 @@ Additional documentation related to security can be found on Apache Geode Wiki
[Geode Security Framework](https://cwiki.apache.org/confluence/display/GEODE/Geode+Security+Framework) and
[Geode Integrated Security](https://cwiki.apache.org/confluence/display/GEODE/Geode+Integrated+Security).
+
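Review bot: The lone `+` line at the end of security_model.html.md.erb is a stray blank line with no content change. Drop it so the diff for this file is limited to the serialization link.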
diff --git a/geode-docs/security/serialization.html.md.erb b/geode-docs/security/serialization.html.md.erb
new file mode 100644
index 00000000000..b96cb7178dd
--- /dev/null
+++ b/geode-docs/security/serialization.html.md.erb
@@ -0,0 +1,54 @@
+---
+title: Serialization
+---
+
+
+
+Apache Geode offers mechanisms to control and filter object serialization, particularly
+ in the context of security and performance. This is primarily achieved through:
+
+
+## Global Serialization Filter (Java)
+
+For deployments using Java, a global serialization filter can be enabled to restrict the types of objects that can be serialized and
+deserialized within the Geode process. This helps mitigate risks associated with deserialization of untrusted data, a common vulnerability.
+
+- To enable this, the Java system property `geode.enableGlobalSerialFilter` is set to true when starting Geode locators and servers.
+
+- Additionally, the `serializable-object-filter` configuration option, used in conjunction with `validate-serializable-objects,` is used to
+specify a whitelist of user-defined classes that are allowed to be serialized/deserialized, in addition to standard JDK and Geode classes.
+ This allows for fine-grained control over which custom objects are permitted in the system.
+
+## PDX Serialization
+
+Apache Geode's Portable Data eXchange (PDX) serialization offers a more robust and flexible approach to data serialization, providing features
+like schema evolution and language independence. While not a "filter" in the same sense as the global serialization filter, PDX provides control
+over how objects are serialized and deserialized.
+
+- **PdxSerializer:** You can implement a custom `PdxSerializer` to define how specific domain objects are serialized and deserialized, allowing
+ for selective handling of fields or transformations during the process.
+
+- **Reflection-Based Auto-Serialization:** PDX also supports automatic reflection-based serialization, where Geode can serialize objects without
+ requiring explicit implementation of `PdxSerializable` in your domain classes. This can be configured to include or exclude specific types based
+ on criteria like package names, providing a form of type filtering.
+
+
+
+
+ In conclusion, Apache Geode provides serialization filtering capabilities through a global filter for security hardening in Java 8 environments and
+ through the flexible configurations of PDX serialization for fine-grained control over data handling and type inclusion/exclusion.
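Review bot: The scope of the global filter is stated inconsistently: the section heading and its first paragraph say it applies to "deployments using Java", while the closing paragraph limits it to "Java 8 environments". State once, in the Global Serialization Filter section, which Java versions need `geode.enableGlobalSerialFilter`. The closing paragraph also counts PDX as a "serialization filtering" capability although the PDX section says it is not a filter in the same sense as the global one; on a security page that distinction should be kept. Smaller points: the intro ends with "This is primarily achieved through:" but no list follows, the comma sits inside the code span in `validate-serializable-objects,`, and the page gives no example value for `serializable-object-filter`, which is the setting readers most need to get right.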