If a user configures cache to use authorization and a user tries to access the cache he cannot as this use case is not supported (yet). This should be made part of security guide.
If you enable authorization on a cache, you also need to enable authentication on the REST endpoint.
I of course have authentication enabled but the problem is that when cache authorization verification is fired it has NULL as a subject and obviously fail. I've consulted the matter with Martin Gencur - JDG QE lead and he told me this is unsupported scenario. So hence I created the documentation issue.
Jiri, can you please open a corresponding BZ against the server component, complete with configuration and stack trace.
(In reply to Tristan Tarrant from comment #4) > Jiri, can you please open a corresponding BZ against the server component, > complete with configuration and stack trace. Added, see https://bugzilla.redhat.com/show_bug.cgi?id=1273411
I have included a note about security authorization and the REST protocol; a link to this note on the customer portal is available below: https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Data_Grid/6.6/html-single/Developer_Guide/index.html#Configuring_Red_Hat_JBoss_Data_Grid_for_Authorization