Uploaded image for project: 'Ignite'
  1. Ignite
  2. IGNITE-11346

Remote client authentication failed for the CommandHandler in the case where it optional on the server

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Patch Available
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 2.7
    • Fix Version/s: None
    • Component/s: clients, security, thin client
    • Labels:
      None

      Description

      Preposition:

      Custom GridSecurityProcessor implementation allows optional authentication. With other words, if some credentials are presents then authentication performed, otherwise - not (some restricted SecurityContext returned).

      REST API works fine. If credentials are present or the auth request was made then the auth works as desired, if not - it also works but only for some authorized requests.

      The problem:

      CommandHandler which is used for controlling a cluster through the CLI script command.sh|bat doesn't respect credential parameters and sends auth request only in case of authentication exception for a regular request. In the described case of optional authentication it never happens, so the result always depends on the "default" Permissions.

      Possible solution:

      Change GridClientNioTcpConnection to always send first an auth request in case of provided credentials.

        Attachments

          Activity

            People

            • Assignee:
              Maxoid Maxim Karavaev
              Reporter:
              Maxoid Maxim Karavaev
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 1.5h
                1.5h