]
Tristan Tarrant updated ISPN-12113:
-----------------------------------
Security: (was: Red Hat Internal)
HTTP authentication with only Digest SHA mechanisms fails
---------------------------------------------------------
Key: ISPN-12113
URL:
https://issues.redhat.com/browse/ISPN-12113
Project: Infinispan
Issue Type: Bug
Reporter: Francisco De Melo Junior
Assignee: Francisco De Melo Junior
Priority: Minor
Labels: authentication, encryption, rest
Fix For: 12.0.0.Final
Request: Make the REST protocol work with cache authentication/encryption.
Description:
The REST protocol is not supported for use with cache authentication/authorization: using it
results in a SecurityException, and this also happens when using the CLI.
This is according to the Red Hat Data Grid 7 Server Guide (and the following solution:
https://access.redhat.com/solutions/2947551).
Test:
The configuration below is expected to fail because one cannot use cache-container
authentication and the REST protocol together.
{code:xml}
<!-- Cache container "clustered": defines the container-wide authorization roles.
     NOTE(review): these roles are presumably enforced only on caches that also
     enable authorization themselves; confirm for each cache definition. -->
<cache-container name="clustered"
                 default-cache="sessionCache"
                 statistics="true">
  <transport stack="tcp-stack"
             site="z9"
             cluster="clustered"
             node-name="rhdgserver"/>
  <security>
    <authorization>
      <!-- The identity mapper uses the authenticated principal's name as the role
           name, so only users literally named admin, reader or writer match a role
           below. -->
      <identity-role-mapper/>
      <!-- admin holds every permission; reader is limited to READ and writer to
           WRITE (writer has no READ permission). -->
      <role name="admin" permissions="ALL"/>
      <role name="reader" permissions="READ"/>
      <role name="writer" permissions="WRITE"/>
    </authorization>
  </security>
  <metrics gauges="true" histograms="true"/>
</cache-container>
(...)
<!-- Server endpoints: both connectors use socket binding "default" and
     authenticate against security realm "default". -->
<endpoints socket-binding="default"
           security-realm="default">
  <hotrod-connector name="hotrod">
    <authentication>
      <!-- qop="auth" negotiates authentication only: SASL adds no integrity or
           confidentiality protection to Hot Rod traffic, so encryption has to come
           from TLS on the endpoint (not shown in this fragment). -->
      <sasl server-name="rhdgserver"
            mechanisms="DIGEST-SHA-256"
            qop="auth"/>
    </authentication>
  </hotrod-connector>
  <rest-connector name="rest">
    <!-- Only DIGEST-SHA-256 is offered over HTTP; this is the Digest-only setup the
         issue title reports as failing. NOTE(review): clients that send Basic
         credentials are not expected to authenticate against it; confirm. -->
    <authentication mechanisms="DIGEST-SHA-256"/>
  </rest-connector>
</endpoints>
{code}
Workaround:
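Testing with one or the other works, as in the example below. Note that curl's -u option sends Basic credentials unless --digest (or --anyauth) is also given, so the command as written does not exercise a Digest mechanism, and the response reports "secured":false for the cache test1.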
{noformat}
#curl -u admin:admin
http://localhost:11222/rest/v2/caches/test1
{"stats":{"hits":0,"current_number_of_entries_in_memory":0,"time_since_start":32,"time_since_reset":32,"current_number_of_entries":0,"total_number_of_entries":0,"off_heap_memory_used":0,"data_memory_used":0,"remove_hits":0,"remove_misses":0,"evictions":0,"average_read_time":0,"average_read_time_nanos":0,"average_write_time":0,"average_write_time_nanos":0,"average_remove_time":0,"average_remove_time_nanos":0,"required_minimum_number_of_nodes":1,"retrievals":0,"stores":0,"misses":0},"size":0,"configuration":{"distributed-cache":{"mode":"SYNC","remote-timeout":17500,"state-transfer":{"timeout":60000},"transaction":{"mode":"NONE"},"memory":{"object":{}},"locking":{"concurrency-level":1000,"acquire-timeout":15000,"striping":false},"statistics":true}},"rehash_in_progress":false,"bounded":false,"indexed":false,"persistent":false,"transactional":false,"secured":false,"has_remote_backup":false,"indexing_in_progress":false,"statistics":true}
{noformat}