[
https://issues.apache.org/jira/browse/IGNITE-12589?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PetrovMikhail updated IGNITE-12589:
-----------------------------------
Description: In the current Ignite security approach security subject id is
considered to be a node id (see IgniteSecurityProcessor:107). In the case of
thin clients, this approach doesn't work correctly. If some operation is
executed on behalf of the thin client on a remote node (node that is different
from one to which thin client connection was established), it's impossible in
the same way as for a node obtain a thin client security subject information.
(was: In the current Ignite security approach security subject id is considered
to be a node id (see IgniteSecurityProcessor:107). In the case of thin clients,
this approach doesn't work correctly. If some operation is executed on behalf
of a thin client on a remote node (node that is different from one to which
thin client connection was established), it's impossible in the same way as for
a node obtain a thin client security subject information.)
> Remote thin client operations are not authorized correctly.
> -----------------------------------------------------------
>
> Key: IGNITE-12589
> URL: https://issues.apache.org/jira/browse/IGNITE-12589
> Project: Ignite
> Issue Type: Bug
> Affects Versions: 2.7.6
> Reporter: PetrovMikhail
> Priority: Major
>
> In the current Ignite security approach security subject id is considered to
> be a node id (see IgniteSecurityProcessor:107). In the case of thin clients,
> this approach doesn't work correctly. If some operation is executed on behalf
> of the thin client on a remote node (node that is different from one to which
> thin client connection was established), it's impossible in the same way as
> for a node obtain a thin client security subject information.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
