[
https://issues.apache.org/jira/browse/GEODE-3632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16837157#comment-16837157
]
Mario Kevo edited comment on GEODE-3632 at 7/2/19 7:44 AM:
-----------------------------------------------------------
It looks like NotAuthorizedException is not even thrown for both get and getAll.
While executing writeOnlyUserCannotGet from clientSecurity in geode-examples it
passed, but it shouldn't.
was (Author: mkevo):
It looks like NotAuthorizedException is not even logged for both get and getAll.
While executing writeOnlyUserCannotGet from clientSecurity in geode-examples it
passed, but it shouldn't.
> LocalDataSet.getAll -- NotAuthorizedExceptions should be thrown, not only
> logged.
> ---------------------------------------------------------------------------------
>
> Key: GEODE-3632
> URL: https://issues.apache.org/jira/browse/GEODE-3632
> Project: Geode
> Issue Type: Bug
> Components: core, security
> Reporter: Patrick Rhomberg
> Assignee: Mario Kevo
> Priority: Major
> Labels: region
>
> Refer to the geode-example clientSecurity, currently in [pull request
> 17](https://github.com/apache/geode-examples/pull/17). Unauthorized getAll
> method calls log the lack of authorization but do not rethrow the exception.
> This is inconsistent with behavior of put, putAll, and get.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
