Details
Blocker Description
| When security is enabled, and an update or select sql is issued from dbeaver, the security context in class GridIOManager , method -createGridIoMessage - line - ctx.security().securityContext() returns the securitycontext of the thin client. |
The message generated out of createGridIoMessage is passed on to the next node.
This is used in
class - IgniteSecurityProcessor
method - ( withContext)
line - ctx.discovery().node(uuid)
on the next node :
@Override public OperationSecurityContext withContext(UUID nodeId)
{ return withContext( secCtxs.computeIfAbsent(nodeId, uuid -> nodeSecurityContext( marsh, U.resolveClassLoader(ctx.config()), ctx.discovery().node(uuid) ) ) ); }The ctx.discovery().node(uuid) used to
determine the ClusterNode that is passed into nodeSecurityContext() returns
null, since the uuid is that of the remote client id not the remote node id.
Hence
class: SecurityUtils.java
method : nodeSecurityContext
line : byte[] subjBytes = node.attribute(IgniteNodeAttributes.ATTR_SECURITY_SUBJECT_V2);
Throws null pointer exception since node is null.
Related ticket :
IGNITE-12579
Related discussion :
http://apache-ignite-users.70518.x6.nabble.com/2-8-0-JDBC-Thin-Client-Unable-to-load-the-tables-via-DBeaver-td31681.html#a31847|
Attachments
Attachments
Issue Links
- is fixed by
-
IGNITE-12579 JDBC SQL INSERT operation hangs with security enabled.
-
- Resolved
-
-
IGNITE-12759 Getting a SecurityContext from GridSecurityProcessor
-
- Resolved
-