Hi all, Stepping through the code during a cache.get() request from a client node to a server node, I don't see that GridSecurityProcessor.authorize will ever be called on the server node?
Authorize is called on the client node, but on the server node the code goes straight to GridCacheAdapter#getAllAsync0 which skips the ctx.checkSecurity call?? If that is the case any node which is able to connect can easily do anything on a cache using custom client code to bypass client-side security... am I missing something? Thanks! Franck -- Sent from: http://apache-ignite-users.70518.x6.nabble.com/
