Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
2.9.1
-
None
-
None
-
Docs Required, Release Notes Required
Description
I use apache ignite 2.9.1
Found that org.apache.ignite.client.IgniteCache.cache() method does not have security check.
For example:
ClientConfiguration config = new ClientConfiguration()
.setAddresses("127.0.0.1:10800")
.setUserName("user01")
.setUserPassword(null);
try (IgniteClient client = Ignition.startClient(config))
{ ClientCache<String, String> cache = client.cache("common_cache"); cache.put("key", "some_value"); System.out.println("Cache " + cache.getName() + " key=" + cache.get("key")); }
Found that client.cache("common_cache") does not have the security permission check.