Bug 1273411 - Cannot access cache with authorization enabled when using REST protocol
Summary: Cannot access cache with authorization enabled when using REST protocol
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: JBoss Data Grid 6
Classification: JBoss
Component: Server
Version: 6.5.1
Hardware: Unspecified
OS: Unspecified
Priority: unspecified
Severity: medium
Target Milestone: ---
Target Release: 7.0.0
Assignee: Tristan Tarrant
QA Contact: Martin Gencur
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2015-10-20 11:59 UTC by Jiri Pechanec
Modified: 2025-02-10 03:48 UTC

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2025-02-10 03:48:22 UTC
Type: Bug
Embargoed:


Attachments
Log and config files (9.15 KB, application/x-gzip)
2015-10-20 11:59 UTC, Jiri Pechanec

Description Jiri Pechanec 2015-10-20 11:59:34 UTC
Created attachment 1084699
Log and config files

If a JDG cache is configured to use authorization and a user accesses such a cache via the REST protocol, then an error is thrown.

URL used - http://localhost:8080/rest/default/
username - admin, password - JBoss.123

13:52:10,062 INFO  [org.infinispan.AUDIT] (http-/127.0.0.1:8080-1) [DENY] null ADMIN cache[default]
13:52:10,070 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/].[Resteasy]] (http-/127.0.0.1:8080-1) JBWEB000236: Servlet.service() for servlet Resteasy threw exception: org.jboss.resteasy.spi.UnhandledException: java.lang.SecurityException: ISPN000287: Unauthorized access: subject 'null' lacks 'ADMIN' permission
	at org.jboss.resteasy.core.SynchronousDispatcher.handleApplicationException(SynchronousDispatcher.java:364) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
	at org.jboss.resteasy.core.SynchronousDispatcher.handleException(SynchronousDispatcher.java:232) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
	at org.jboss.resteasy.core.SynchronousDispatcher.handleInvokerException(SynchronousDispatcher.java:208) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
	at org.jboss.resteasy.core.SynchronousDispatcher.getResponse(SynchronousDispatcher.java:556) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
	at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:523) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
	at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:125) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
	at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:208) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
	at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:55) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
	at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:50) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-2.jar:1.0.2.Final-redhat-2]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:512) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.infinispan.server.endpoint.subsystem.RestSecurityContext.invoke(RestSecurityContext.java:136) [infinispan-server-endpoints-6.3.1.Final-redhat-1.jar:6.3.1.Final-redhat-1]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:854) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_45-internal]
Caused by: java.lang.SecurityException: ISPN000287: Unauthorized access: subject 'null' lacks 'ADMIN' permission
	at org.infinispan.security.impl.AuthorizationHelper.checkPermission(AuthorizationHelper.java:76) [infinispan-core-6.3.1.Final-redhat-1.jar:6.3.1.Final-redhat-1]
	at org.infinispan.security.impl.AuthorizationManagerImpl.checkPermission(AuthorizationManagerImpl.java:44) [infinispan-core-6.3.1.Final-redhat-1.jar:6.3.1.Final-redhat-1]
	at org.infinispan.security.impl.SecureCacheImpl.getComponentRegistry(SecureCacheImpl.java:319) [infinispan-core-6.3.1.Final-redhat-1.jar:6.3.1.Final-redhat-1]
	at org.infinispan.AbstractDelegatingAdvancedCache.getComponentRegistry(AbstractDelegatingAdvancedCache.java:105) [infinispan-core-6.3.1.Final-redhat-1.jar:6.3.1.Final-redhat-1]
	at org.infinispan.rest.ManagerInstance.tryRegisterMigrationManager(Server.scala:574) [infinispan-server-rest-6.3.1.Final-redhat-1-classes.jar:]
	at org.infinispan.rest.ManagerInstance.getCache(Server.scala:537) [infinispan-server-rest-6.3.1.Final-redhat-1-classes.jar:]
	at org.infinispan.rest.Server$$anonfun$getKeys$1.apply(Server.scala:74) [infinispan-server-rest-6.3.1.Final-redhat-1-classes.jar:]
	at org.infinispan.rest.Server$$anonfun$getKeys$1.apply(Server.scala:73) [infinispan-server-rest-6.3.1.Final-redhat-1-classes.jar:]
	at org.infinispan.rest.Server.protectCacheNotFound(Server.scala:508) [infinispan-server-rest-6.3.1.Final-redhat-1-classes.jar:]
	at org.infinispan.rest.Server.getKeys(Server.scala:73) [infinispan-server-rest-6.3.1.Final-redhat-1-classes.jar:]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.8.0_45-internal]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [rt.jar:1.8.0_45-internal]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.8.0_45-internal]
	at java.lang.reflect.Method.invoke(Method.java:497) [rt.jar:1.8.0_45-internal]
	at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:168) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
	at org.jboss.resteasy.core.ResourceMethod.invokeOnTarget(ResourceMethod.java:269) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
	at org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:227) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
	at org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:216) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
	at org.jboss.resteasy.core.SynchronousDispatcher.getResponse(SynchronousDispatcher.java:541) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
	... 20 more

Log file and config files are added as attachments
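
An added example, not part of the original report and not JDG/Infinispan code: a small parser for `org.infinispan.AUDIT` lines that separates a denial with subject `null` (no identity reached the authorization check, as in this report) from a denial for a named subject. The line layout is taken from the single audit line in the report; the `[ALLOW]` form, the user `reader` and every sample line after the first are constructed assumptions.

```python
import re
from collections import Counter

# Layout taken from the audit line in the report:
#   HH:MM:SS,mmm LEVEL [org.infinispan.AUDIT] (thread) [DECISION] subject PERMISSION context[name]
AUDIT_RE = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2},\d{3})\s+\w+\s+\[org\.infinispan\.AUDIT\]\s+"
    r"\((?P<thread>[^)]*)\)\s+\[(?P<decision>ALLOW|DENY)\]\s+"
    r"(?P<subject>\S+)\s+(?P<permission>[A-Z_]+)\s+"
    r"(?P<context>\w+)\[(?P<name>[^\]]*)\]\s*$"
)

def parse_audit(line):
    """Return the audit fields as a dict, or None for non-audit lines."""
    m = AUDIT_RE.match(line)
    return m.groupdict() if m else None

def classify(event):
    """Separate 'no identity reached the check' from a denial for a named subject."""
    if event["decision"] != "DENY":
        return "allowed"
    if event["subject"] == "null":
        return "deny-no-subject"      # the case shown in this report
    return "deny-named-subject"

def summarize(lines):
    """Count classifications per (context name, permission, class)."""
    counts = Counter()
    for line in lines:
        event = parse_audit(line)
        if event:
            counts[(event["name"], event["permission"], classify(event))] += 1
    return counts

# First line is from the report; the remaining lines are constructed samples.
SAMPLE = [
    "13:52:10,062 INFO  [org.infinispan.AUDIT] (http-/127.0.0.1:8080-1) [DENY] null ADMIN cache[default]",
    "13:52:11,400 INFO  [org.infinispan.AUDIT] (http-/127.0.0.1:8080-2) [DENY] reader WRITE cache[default]",
    "13:52:12,015 INFO  [org.infinispan.AUDIT] (http-/127.0.0.1:8080-2) [ALLOW] admin READ cache[default]",
    "13:52:12,020 ERROR [org.apache.catalina.core.ContainerBase] (http-/127.0.0.1:8080-1) JBWEB000236: unrelated",
]

if __name__ == "__main__":
    for key, n in sorted(summarize(SAMPLE).items()):
        print(n, *key)
```

A `deny-no-subject` count on `http-` threads while REST clients are sending valid credentials points at identity propagation into the cache rather than at role mapping.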

Comment 3 Red Hat Bugzilla 2025-02-10 03:48:22 UTC
This product has been discontinued or is no longer tracked in Red Hat Bugzilla.

