JSR-347 should have an authentication mechanism #1
Description
A current limitation I see on some data grid implementations is the lack of an authentication scheme when a node joins a cluster.
This can be a huge security problem, since you need a way to ensure that all the nodes on a cluster are putting only valid data on the grid, and not malicious content, since the broadcast mechanism usually is something like jGroups, that does not forces any authentication scheme to any process which sends content to a given group.
I don't know if the best choice consists on ensure authentication/authorization on every change to the data stored on the grid, but at least an authentication scheme should be implemented.