Bug 1271105 - It is not possible to access cache witch authorization enabled via REST endpoint
Summary: It is not possible to access cache witch authorization enabled via REST endpoint
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Data Grid 6
Classification: JBoss
Component: Documentation
Version: 6.5.1
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: CR2
: 6.6.0
Assignee: Christian Huffman
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-10-13 07:46 UTC by Jiri Pechanec
Modified: 2016-02-17 19:06 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-02-17 19:06:15 UTC
Type: Bug


Attachments (Terms of Use)

Description Jiri Pechanec 2015-10-13 07:46:21 UTC
If a user configures cache to use authorization and a user tries to access the cache he cannot as this use case is not supported (yet). This should be made part of security guide.

Comment 2 Tristan Tarrant 2015-10-14 09:49:19 UTC
If you enable authorization on a cache, you also need to enable authentication on the REST endpoint.

Comment 3 Jiri Pechanec 2015-10-15 03:11:03 UTC
I of course have authentication enabled but the problem is that when cache authorization verification is fired it has NULL as a subject and obviously fail.

I've consulted the matter with Martin Gencur - JDG QE lead and he told me this is unsupported scenario. So hence I created the documentation issue.

Comment 4 Tristan Tarrant 2015-10-15 18:42:45 UTC
Jiri, can you please open a corresponding BZ against the server component, complete with configuration and stack trace.

Comment 5 Jiri Pechanec 2015-10-20 12:00:12 UTC
(In reply to Tristan Tarrant from comment #4)
> Jiri, can you please open a corresponding BZ against the server component,
> complete with configuration and stack trace.

Added, see https://bugzilla.redhat.com/show_bug.cgi?id=1273411

Comment 7 Christian Huffman 2016-02-17 19:06:15 UTC
I have included a note about security authorization and the REST protocol; a link to this note on the customer portal is available below:

  https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Data_Grid/6.6/html-single/Developer_Guide/index.html#Configuring_Red_Hat_JBoss_Data_Grid_for_Authorization


Note You need to log in before you can comment on or make changes to this bug.