Re: [I] `withContext` can bypass security plugins [ignite]

2025-10-18 Thread via GitHub 


shishkovilja commented on issue #12005:
URL: https://github.com/apache/ignite/issues/12005#issuecomment-3325130904

   @icode , why should cache operations call the `#authenticate`? 
Authentication occurs during node join to the cluster. Once joined, the node is 
already authenticated.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Re: [I] `withContext` can bypass security plugins [ignite]

2025-10-17 Thread via GitHub 


icode commented on issue #12005:
URL: https://github.com/apache/ignite/issues/12005#issuecomment-3326136652

   > [@icode](https://github.com/icode) , why should cache operations call 
`#authenticate`? Authentication occurs during node join to the cluster. Once 
joined, the node is already authenticated.
   
   So, can 'withContext' be used to bypass any role and permission? The 
'withContext' interface should not be disguised as any node.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Re: [I] `withContext` can bypass security plugins [ignite]

2025-09-24 Thread via GitHub 


icode commented on issue #12005:
URL: https://github.com/apache/ignite/issues/12005#issuecomment-3327310680

   > "Role" and "permission" are parts of authorization, not authentication. 
You should take this into account in your plugin.
   
   The `withContext` interface not callback `authorize` and 
`SecurityPermission` enum no has `withContext` permission, any authenticated's 
client can be disguised as any node. Perhaps I couldn't find the interface for 
checking, please let me know if there is.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Re: [I] `withContext` can bypass security plugins [ignite]

2025-09-23 Thread via GitHub 


shishkovilja commented on issue #12005:
URL: https://github.com/apache/ignite/issues/12005#issuecomment-3326697133

   "Role" and "permission" are part of authorization, not authentication.
   You should take this into account in your plugin.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

[I] `withContext` can bypass security plugins [ignite]

2025-04-15 Thread via GitHub 


icode opened a new issue, #12005:
URL: https://github.com/apache/ignite/issues/12005

   `ignite.context().security().withContext` function can bypass security 
plugins!
   
   `ignite.context().security().withContext` should call `authenticate(context: 
AuthenticationContext)` function!
   
   ```kotlin
   
ignite.context().security().withContext((ignite.cluster().forRemotes().node() 
?: ignite.localNode()).id())
   // then can query not authenticated cache
   val cache = ignite.cache("DataSource")
   // this `size` function not call `authenticate(context: 
AuthenticationContext)`
   println("1.  ${cache.size()}")
   try {
   // this `forEach` function not call `authenticate(context: 
AuthenticationContext)`
   cache.forEach {
   println(it)
   }
   } catch (e: Exception) {
   println("e. ")
   e.printStackTrace()
   }
   println("2. ")
   ```
   ```kotlin
   override fun authenticatedSubject(subjId: UUID): SecuritySubject? {
   val n = ctx.discovery().node(subjId)
   if (n != null) {
   return this.nodeSecurityContext(n)!!.subject()
   }
   }
   
   private fun nodeSecurityContext(node: ClusterNode): SecurityContextImpl? 
{
   val subjBytesV2 = 
node.attribute(IgniteNodeAttributes.ATTR_SECURITY_SUBJECT_V2) as 
ByteArray?
   if (subjBytesV2 == null) {
   val subj = SecuritySubjectImpl(
   node.id(),
   SecuritySubjectType.REMOTE_NODE,
   address = InetSocketAddress(node.addresses().first(), 0),
   permissions = SecurityPermissionSetBuilder.ALL_PERMISSIONS,
   nodeId = node.id()
   )
   return SecurityContextImpl(subj)
   } else {
   return U.unmarshal(
   this.marsh,
   subjBytesV2,
   U.resolveClassLoader(ctx.config())
   ) as SecurityContextImpl?
   }
   }
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]