[jira] [Commented] (IGNITE-11346) Remote client authentication failed for the CommandHandler in the case where it optional on the server

Fri, 12 Apr 2019 05:03:27 -0700 


    [ 
https://issues.apache.org/jira/browse/IGNITE-11346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16816206#comment-16816206
 ] 

Ivan Bessonov commented on IGNITE-11346:
----------------------------------------

[~Maxoid] I see now, you created PR for the gridgain fork, original github 
repository is here: [https://github.com/apache/ignite]

Master branch is also there, I'd suggest recreating PR for the proper 
repository.

After that you can use your PR to run tests here: 
[https://ci.ignite.apache.org/viewType.html?buildTypeId=IgniteTests24Java8_RunAll]

Please link your run to this issue and I (or someone else) will take a look at 
the results.

Thank you!

 

 

> Remote client authentication failed for the CommandHandler in the case where 
> it optional on the server
> ------------------------------------------------------------------------------------------------------
>
>                 Key: IGNITE-11346
>                 URL: https://issues.apache.org/jira/browse/IGNITE-11346
>             Project: Ignite
>          Issue Type: Bug
>          Components: clients, security, thin client
>    Affects Versions: 2.7
>            Reporter: Maxim Karavaev
>            Priority: Minor
>
> h2. Preposition:
> Custom _GridSecurityProcessor_ implementation allows optional authentication. 
> With other words, if some credentials are presents then authentication 
> performed, otherwise - not (some restricted SecurityContext returned). 
> REST API works fine. If credentials are present or the auth request was made 
> then the auth works as desired, if not - it also works but only for some 
> authorized requests.
> h2. The problem:
> _CommandHandler_ which is used for controlling a cluster through the CLI 
> script _command.sh|bat_ doesn't respect credential parameters and sends auth 
> request only in case of authentication exception for a regular request. In 
> the described case of optional authentication it never happens, so the result 
> always depends on the "default" Permissions.
> h2. Possible solution:
> Change _GridClientNioTcpConnection_ to always send first an auth request in 
> case of provided credentials.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to