[JBoss JIRA] (ISPN-7533) Accessing cache with disabled security resolves in SecurityException
by Vojtech Juranek (JIRA)
[ https://issues.jboss.org/browse/ISPN-7533?page=com.atlassian.jira.plugin.... ]
Vojtech Juranek reassigned ISPN-7533:
-------------------------------------
Assignee: Vojtech Juranek
> Accessing cache with disabled security resolves in SecurityException
> ---------------------------------------------------------------------
>
> Key: ISPN-7533
> URL: https://issues.jboss.org/browse/ISPN-7533
> Project: Infinispan
> Issue Type: Bug
> Components: Security, Server
> Affects Versions: 9.0.0.CR2
> Reporter: Roman Macor
> Assignee: Vojtech Juranek
> Priority: Blocker
>
> This happens when the security is defined in cache container, but the cache has security disabled.
> Steps to reproduce:
> - Start standalone with defined security e.g. docs/examples/configs/standalone-auth.xml
> - try accessing unsecured cache with hotrod e.g.
> {code:title=Reproducer.java|borderStyle=solid}
> ConfigurationBuilder builder = new ConfigurationBuilder();
> builder.addServer().host("127.0.0.1").port(ConfigurationProperties.DEFAULT_HOTROD_PORT)
> RemoteCacheManager cacheManager = new RemoteCacheManager(builder.build());
> RemoteCache<String, String> cache = cacheManager.getCache("default");
> cache.put("key", "value");
> System.out.printf("key = %s\n", cache.get("key"));
> cacheManager.stop();
> {code}
> Result:
> org.infinispan.client.hotrod.exceptions.HotRodClientException:Request for messageId=3 returned server error (status=0x85): java.lang.SecurityException: ISPN006017: Unauthorized operation
> at org.infinispan.client.hotrod.impl.protocol.Codec20.checkForErrorsInResponseStatus(Codec20.java:363)
> at org.infinispan.client.hotrod.impl.protocol.Codec20.readPartialHeader(Codec20.java:152)
> at org.infinispan.client.hotrod.impl.protocol.Codec20.readHeader(Codec20.java:138)
> at org.infinispan.client.hotrod.impl.operations.HotRodOperation.readHeaderAndValidate(HotRodOperation.java:60)
> at org.infinispan.client.hotrod.impl.operations.AbstractKeyValueOperation.sendPutOperation(AbstractKeyValueOperation.java:58)
> at org.infinispan.client.hotrod.impl.operations.PutOperation.executeOperation(PutOperation.java:34)
> at org.infinispan.client.hotrod.impl.operations.RetryOnFailureOperation.execute(RetryOnFailureOperation.java:56)
> at org.infinispan.client.hotrod.impl.RemoteCacheImpl.put(RemoteCacheImpl.java:269)
> at org.infinispan.client.hotrod.impl.RemoteCacheSupport.put(RemoteCacheSupport.java:79)
> at HotRodAuthTest.test(HotRodAuthTest.java:18)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
> at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
> at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
> at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
> at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
> at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
> at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
> at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
> at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
> at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
> at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
> at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:252)
> at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:141)
> at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:112)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at org.apache.maven.surefire.util.ReflectionUtils.invokeMethodWithArray(ReflectionUtils.java:189)
> at org.apache.maven.surefire.booter.ProviderFactory$ProviderProxy.invoke(ProviderFactory.java:165)
> at org.apache.maven.surefire.booter.ProviderFactory.invokeProvider(ProviderFactory.java:85)
> at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:115)
> at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:75)
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 6 months
[JBoss JIRA] (ISPN-7533) Accessing cache with disabled security resolves in SecurityException
by Vojtech Juranek (JIRA)
[ https://issues.jboss.org/browse/ISPN-7533?page=com.atlassian.jira.plugin.... ]
Vojtech Juranek updated ISPN-7533:
----------------------------------
Status: Pull Request Sent (was: Open)
Git Pull Request: https://github.com/infinispan/infinispan/pull/4922
> Accessing cache with disabled security resolves in SecurityException
> ---------------------------------------------------------------------
>
> Key: ISPN-7533
> URL: https://issues.jboss.org/browse/ISPN-7533
> Project: Infinispan
> Issue Type: Bug
> Components: Security, Server
> Affects Versions: 9.0.0.CR2
> Reporter: Roman Macor
> Assignee: Vojtech Juranek
> Priority: Blocker
>
> This happens when the security is defined in cache container, but the cache has security disabled.
> Steps to reproduce:
> - Start standalone with defined security e.g. docs/examples/configs/standalone-auth.xml
> - try accessing unsecured cache with hotrod e.g.
> {code:title=Reproducer.java|borderStyle=solid}
> ConfigurationBuilder builder = new ConfigurationBuilder();
> builder.addServer().host("127.0.0.1").port(ConfigurationProperties.DEFAULT_HOTROD_PORT)
> RemoteCacheManager cacheManager = new RemoteCacheManager(builder.build());
> RemoteCache<String, String> cache = cacheManager.getCache("default");
> cache.put("key", "value");
> System.out.printf("key = %s\n", cache.get("key"));
> cacheManager.stop();
> {code}
> Result:
> org.infinispan.client.hotrod.exceptions.HotRodClientException:Request for messageId=3 returned server error (status=0x85): java.lang.SecurityException: ISPN006017: Unauthorized operation
> at org.infinispan.client.hotrod.impl.protocol.Codec20.checkForErrorsInResponseStatus(Codec20.java:363)
> at org.infinispan.client.hotrod.impl.protocol.Codec20.readPartialHeader(Codec20.java:152)
> at org.infinispan.client.hotrod.impl.protocol.Codec20.readHeader(Codec20.java:138)
> at org.infinispan.client.hotrod.impl.operations.HotRodOperation.readHeaderAndValidate(HotRodOperation.java:60)
> at org.infinispan.client.hotrod.impl.operations.AbstractKeyValueOperation.sendPutOperation(AbstractKeyValueOperation.java:58)
> at org.infinispan.client.hotrod.impl.operations.PutOperation.executeOperation(PutOperation.java:34)
> at org.infinispan.client.hotrod.impl.operations.RetryOnFailureOperation.execute(RetryOnFailureOperation.java:56)
> at org.infinispan.client.hotrod.impl.RemoteCacheImpl.put(RemoteCacheImpl.java:269)
> at org.infinispan.client.hotrod.impl.RemoteCacheSupport.put(RemoteCacheSupport.java:79)
> at HotRodAuthTest.test(HotRodAuthTest.java:18)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
> at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
> at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
> at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
> at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
> at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
> at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
> at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
> at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
> at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
> at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
> at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:252)
> at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:141)
> at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:112)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at org.apache.maven.surefire.util.ReflectionUtils.invokeMethodWithArray(ReflectionUtils.java:189)
> at org.apache.maven.surefire.booter.ProviderFactory$ProviderProxy.invoke(ProviderFactory.java:165)
> at org.apache.maven.surefire.booter.ProviderFactory.invokeProvider(ProviderFactory.java:85)
> at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:115)
> at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:75)
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 6 months
[JBoss JIRA] (ISPN-7533) Accessing cache with disabled security resolves in SecurityException
by Vojtech Juranek (JIRA)
[ https://issues.jboss.org/browse/ISPN-7533?page=com.atlassian.jira.plugin.... ]
Vojtech Juranek updated ISPN-7533:
----------------------------------
Status: Open (was: New)
> Accessing cache with disabled security resolves in SecurityException
> ---------------------------------------------------------------------
>
> Key: ISPN-7533
> URL: https://issues.jboss.org/browse/ISPN-7533
> Project: Infinispan
> Issue Type: Bug
> Components: Security, Server
> Affects Versions: 9.0.0.CR2
> Reporter: Roman Macor
> Priority: Blocker
>
> This happens when the security is defined in cache container, but the cache has security disabled.
> Steps to reproduce:
> - Start standalone with defined security e.g. docs/examples/configs/standalone-auth.xml
> - try accessing unsecured cache with hotrod e.g.
> {code:title=Reproducer.java|borderStyle=solid}
> ConfigurationBuilder builder = new ConfigurationBuilder();
> builder.addServer().host("127.0.0.1").port(ConfigurationProperties.DEFAULT_HOTROD_PORT)
> RemoteCacheManager cacheManager = new RemoteCacheManager(builder.build());
> RemoteCache<String, String> cache = cacheManager.getCache("default");
> cache.put("key", "value");
> System.out.printf("key = %s\n", cache.get("key"));
> cacheManager.stop();
> {code}
> Result:
> org.infinispan.client.hotrod.exceptions.HotRodClientException:Request for messageId=3 returned server error (status=0x85): java.lang.SecurityException: ISPN006017: Unauthorized operation
> at org.infinispan.client.hotrod.impl.protocol.Codec20.checkForErrorsInResponseStatus(Codec20.java:363)
> at org.infinispan.client.hotrod.impl.protocol.Codec20.readPartialHeader(Codec20.java:152)
> at org.infinispan.client.hotrod.impl.protocol.Codec20.readHeader(Codec20.java:138)
> at org.infinispan.client.hotrod.impl.operations.HotRodOperation.readHeaderAndValidate(HotRodOperation.java:60)
> at org.infinispan.client.hotrod.impl.operations.AbstractKeyValueOperation.sendPutOperation(AbstractKeyValueOperation.java:58)
> at org.infinispan.client.hotrod.impl.operations.PutOperation.executeOperation(PutOperation.java:34)
> at org.infinispan.client.hotrod.impl.operations.RetryOnFailureOperation.execute(RetryOnFailureOperation.java:56)
> at org.infinispan.client.hotrod.impl.RemoteCacheImpl.put(RemoteCacheImpl.java:269)
> at org.infinispan.client.hotrod.impl.RemoteCacheSupport.put(RemoteCacheSupport.java:79)
> at HotRodAuthTest.test(HotRodAuthTest.java:18)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
> at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
> at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
> at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
> at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
> at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
> at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
> at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
> at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
> at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
> at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
> at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:252)
> at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:141)
> at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:112)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at org.apache.maven.surefire.util.ReflectionUtils.invokeMethodWithArray(ReflectionUtils.java:189)
> at org.apache.maven.surefire.booter.ProviderFactory$ProviderProxy.invoke(ProviderFactory.java:165)
> at org.apache.maven.surefire.booter.ProviderFactory.invokeProvider(ProviderFactory.java:85)
> at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:115)
> at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:75)
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 6 months
[JBoss JIRA] (ISPN-7114) Consistency checker
by Ryan Emerson (JIRA)
[ https://issues.jboss.org/browse/ISPN-7114?page=com.atlassian.jira.plugin.... ]
Ryan Emerson updated ISPN-7114:
-------------------------------
Fix Version/s: 9.1.0.Final
> Consistency checker
> -------------------
>
> Key: ISPN-7114
> URL: https://issues.jboss.org/browse/ISPN-7114
> Project: Infinispan
> Issue Type: Feature Request
> Components: Core
> Reporter: Tristan Tarrant
> Assignee: Ryan Emerson
> Fix For: 9.1.0.Final
>
>
> We should implement a consistency checker that can either be run on demand via management (e.g. JMX) or triggered by a merge or a topology change caused by abrupt leavers. It should perform per-segment analysis of each key/value pair between primary and backup. The design should incorporate pluggable repair strategies (e.g. latest wins, primary wins, discard, degrade segment, custom)
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 6 months
[JBoss JIRA] (ISPN-7065) Collect clustered memory statistics
by Ryan Emerson (JIRA)
[ https://issues.jboss.org/browse/ISPN-7065?page=com.atlassian.jira.plugin.... ]
Work on ISPN-7065 started by Ryan Emerson.
------------------------------------------
> Collect clustered memory statistics
> -----------------------------------
>
> Key: ISPN-7065
> URL: https://issues.jboss.org/browse/ISPN-7065
> Project: Infinispan
> Issue Type: Feature Request
> Components: JMX, reporting and management, Server
> Reporter: Tristan Tarrant
> Assignee: Ryan Emerson
> Fix For: 9.0.0.Final
>
>
> Currently, memory stats (such as used/free heap) in a cluster / domain need to be collected by looking at the JVM memory mbeans for each individual node.
> We should provide an MBean which provides aggregated cluster statistics for this as well as exposing this information over the DMR.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 6 months
[JBoss JIRA] (ISPN-7065) Collect clustered memory statistics
by Ryan Emerson (JIRA)
[ https://issues.jboss.org/browse/ISPN-7065?page=com.atlassian.jira.plugin.... ]
Ryan Emerson updated ISPN-7065:
-------------------------------
Status: Open (was: New)
> Collect clustered memory statistics
> -----------------------------------
>
> Key: ISPN-7065
> URL: https://issues.jboss.org/browse/ISPN-7065
> Project: Infinispan
> Issue Type: Feature Request
> Components: JMX, reporting and management, Server
> Reporter: Tristan Tarrant
> Assignee: Ryan Emerson
> Fix For: 9.0.0.Final
>
>
> Currently, memory stats (such as used/free heap) in a cluster / domain need to be collected by looking at the JVM memory mbeans for each individual node.
> We should provide an MBean which provides aggregated cluster statistics for this as well as exposing this information over the DMR.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 6 months