Configuring security
The Security.store file contains the rules that determine the permissions for each role. The SystemAuthentication.store stores the principals recognised by the system authentication handler.
Note: As of version 6.5, the old "TopicPermission" API methods used to update these files have been
deprecated. The name was misleading because these methods cover all path-based permissions (see
Permissions for details).
Use the equivalent "PathPermission" method instead.
The Security.store and SystemAuthentication.store contain user-editable scripts with a documented syntax. It is safe to edit these files directly when the server is stopped. If you are using a cluster, all the servers in the cluster should be stopped before editing. If the server or cluster is running, changes should be made using the management console or the API.
If the files are edited while the server is running, the changes will not be applied until a restart, and could be overwritten by changes made by clients via the API.