Maksim, ok. Let me know if you have any questions.
ср, 21 апр. 2021 г. в 17:51, Maksim Stepachev <maksim.stepac...@gmail.com>: > Please wait. I'm watching your review. > > вт, 6 апр. 2021 г. в 20:14, Denis Garus <garus....@gmail.com>: > > > Hello, Igniters! > > > > I've raised the PR [1] for the issue [2]. > > Could somebody review it? > > > > Suggested implementation > > > > If Ignite Security (IS) is enabled, then executors, accessed through the > > PoolProcessor, > > are wrapped to a security-aware implementation. Security-aware > > implementation sets proper > > security context for tasks that the executor performs. > > > > The field subject id was deleted from communication requests for cache > and > > compute operations; > > a remote node gets the subject id that initiates the ignite operation > from > > GridIoSecurityAwareMessage. > > IgniteSecurity uses this id to set a proper security context during the > > execution of the request. > > > > Remove GridTaskThreadContextKey#TC_SUBJ_ID, > > GridCacheContext#subjectIdPerCall; > > a consumer has to obtain a current security subject id through > > IgniteSecurity > > or the set of SecurityUtils methods. > > > > For all events that include the subject id field, are set the following > > rule. > > If IS is enabled, this field must contain a subject id that initiates > > an ignite operation, otherwise null. > > > > Implement SecurityAwareCustomMessageWrapper for discovery requests that > act > > as > > GridIoSecurityAwareMessage for communication requests. It allows setting > > proper > > context during the discovery message execution. > > > > Implement SecurityAwareGridRestCommandHandler to allow GridRestProcessor > > to execute all client requests with the proper security context. > > > > 1. https://github.com/apache/ignite/pull/8038 > > 2. https://issues.apache.org/jira/browse/IGNITE-13112 > > >
