Diane Hardman created GEODE-3787:
------------------------------------
Summary: Ambiguous exception thrown with method invoked in OQL
query with new security configured
Key: GEODE-3787
URL: https://issues.apache.org/jira/browse/GEODE-3787
Project: Geode
Issue Type: Bug
Components: querying, security
Reporter: Diane Hardman
I've configured my cluster using the new security (using
ExampleSecurityManager) with 1 locator and 1 server. After adding 3 key-value
pairs into the single partitioned region (region1), I use a second terminal to
connect as a user with read-only privilege to the region.
When I enter a query that invokes a put method, I get an odd exception message
in gfsh.
{noformat}
gfsh>query --query="select * from /region1.put('xyz','abc')"
Message : Exception in evaluating the Collection Expression in
getRuntimeIterator() even though the Collection is independent of any
RuntimeIterator
Result : false
(noformat}
Looking in the server log file, it looks like this exception is logged first
and later is followed by the more meaningful error:
{noformat}
[warning 2017/10/05 17:53:50.040 PDT serv1 <Function Execution Processor2>
tid=0x81] Exception in evaluating the Collection Expression in
getRuntimeIterator() even though the Collection is independent of any
RuntimeIterator
org.apache.geode.cache.query.TypeMismatchException: Exception in evaluating the
Collection Expression in getRuntimeIterator() even though the Collection is
independent of any RuntimeIterator
at
org.apache.geode.cache.query.internal.CompiledIteratorDef.getRuntimeIterator(CompiledIteratorDef.java:127)
... <many lines removed>
Caused by: org.apache.geode.security.NotAuthorizedException: Unauthorized
access to method: put
at
org.apache.geode.cache.query.internal.RestrictedMethodInvocationAuthorizer.authorizeMethodInvocation(RestrictedMethodInvocationAuthorizer.java:123)
{noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
