If a user configures cache to use authorization and a user tries to access the cache he cannot as this use case is not supported (yet). This should be made part of security guide.
If you enable authorization on a cache, you also need to enable authentication on the REST endpoint.
I of course have authentication enabled but the problem is that when cache authorization verification is fired it has NULL as a subject and obviously fail.
I've consulted the matter with Martin Gencur - JDG QE lead and he told me this is unsupported scenario. So hence I created the documentation issue.
Jiri, can you please open a corresponding BZ against the server component, complete with configuration and stack trace.
(In reply to Tristan Tarrant from comment #4)
> Jiri, can you please open a corresponding BZ against the server component,
> complete with configuration and stack trace.
Added, see https://bugzilla.redhat.com/show_bug.cgi?id=1273411
I have included a note about security authorization and the REST protocol; a link to this note on the customer portal is available below: