Alex Furmanski created ISPN-8929: ------------------------------------ Summary: $local management user cannot manage protobuf schemas Key: ISPN-8929 URL: https://issues.jboss.org/browse/ISPN-8929 Project: Infinispan Issue Type: Bug Components: CLI, Security, Server Reporter: Alex Furmanski The $local management user cannot manipulate protostream caches because it lacks the ___schema_manager role. For example: {noformat} [user@myhost jboss-datagrid]$ bin/cli.sh You are disconnected at the moment. Type 'connect' to connect to the server or 'help' for the list of supported commands. [disconnected /] connect 192.168.50.11 [standalone@192.168.50.11:9990 /] container mycontainer [standalone@192.168.50.11:9990 cache-container=mycontainer] :get-proto-schema-names { "outcome" => "failed", "failure-description" => "DGISPN0118: Failed to invoke operation: ISPN000287: Unauthorized access: subject 'Subject with principal(s): [$local@ManagementRealm, org.jboss.remoting3.security.UserPrincipal@439455c7, InetAddressPrincipal <192.168.50.11/192.168.50.11>, InetAddressPrincipal <192.168.50.11/192.168.50.11>]' lacks 'BULK_READ' permission", "rolled-back" => true } {noformat} This was tested with RH Data Grid 7.1.2. -- This message was sent by Atlassian JIRA (v7.5.0#75005)