]
Tristan Tarrant updated ISPN-7333:
----------------------------------
Status: Open (was: New)
BULK_READ permission is not set in identity/role
------------------------------------------------
Key: ISPN-7333
URL:
https://issues.jboss.org/browse/ISPN-7333
Project: Infinispan
Issue Type: Bug
Components: Core, Server
Affects Versions: 9.0.0.Beta1, 9.0.0.Beta2
Reporter: Vladimir Blagojevic
Assignee: Tristan Tarrant
Priority: Major
It appears that BULK_READ permission is nor properly wired/transferred into API
invocations. When attempting to access schema names we get the following exceptions in the
server:
[Server:server-two] 11:51:44,982 ERROR [org.jboss.as.controller.management-operation]
(ServerService Thread Pool -- 33) WFLYCTL0013: Operation
("get-proto-schema-names") failed - address: ([
[Server:server-two] ("subsystem" => "datagrid-infinispan"),
[Server:server-two] ("cache-container" => "clustered")
[Server:server-two] ]) - failure description: "DGISPN0118: Failed to invoke
operation: ISPN000287: Unauthorized access: subject 'Subject with principal(s):
[vladimir@ManagementRealm, InetAddressPrincipal <127.0.0.1/127.0.0.1>]' lacks
'BULK_READ' permission"
However, we have set this permission for the role identity/role making invocations (i.e
vladimir in the example above)