[infinispan-issues] [JBoss JIRA] (ISPN-6374) Unauthorized access while running javascript on secured cluster

Anna Manukyan (JIRA) issues at jboss.org
Mon Mar 14 08:27:00 EDT 2016 

Anna Manukyan created ISPN-6374:
-----------------------------------

             Summary: Unauthorized access while running javascript on secured cluster
                 Key: ISPN-6374
                 URL: https://issues.jboss.org/browse/ISPN-6374
             Project: Infinispan
          Issue Type: Bug
          Components: Tasks
            Reporter: Anna Manukyan
            Assignee: Tristan Tarrant


The following exception is thrown when trying to execute a distributed script on REPL/DIST 2 node secured cluster.

{code}
java.security.PrivilegedActionException: java.util.concurrent.ExecutionException: java.util.concurrent.ExecutionException: java.lang.SecurityException: ISPN000287: Unauthorized access: subject 'null' lacks 'ADMIN' permission
	at org.infinispan.security.Security.doAs(Security.java:145)
	at org.infinispan.scripting.ReplicatedSecuredScriptingTest.testDistributedScriptExecutionWithRole(ReplicatedSecuredScriptingTest.java:158)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:497)
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:84)
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:714)
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:901)
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1231)
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:127)
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:111)
	at org.testng.TestRunner.privateRun(TestRunner.java:767)
	at org.testng.TestRunner.run(TestRunner.java:617)
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:348)
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:343)
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:305)
	at org.testng.SuiteRunner.run(SuiteRunner.java:254)
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52)
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86)
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1224)
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1149)
	at org.testng.TestNG.run(TestNG.java:1057)
	at org.testng.IDEARemoteTestNG.run(IDEARemoteTestNG.java:72)
	at org.testng.RemoteTestNGStarter.main(RemoteTestNGStarter.java:122)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:497)
	at com.intellij.rt.execution.application.AppMain.main(AppMain.java:144)
Caused by: java.util.concurrent.ExecutionException: java.util.concurrent.ExecutionException: java.lang.SecurityException: ISPN000287: Unauthorized access: subject 'null' lacks 'ADMIN' permission
	at java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:357)
	at java.util.concurrent.CompletableFuture.get(CompletableFuture.java:1895)
	at org.infinispan.scripting.ReplicatedSecuredScriptingTest$9.run(ReplicatedSecuredScriptingTest.java:163)
	at org.infinispan.scripting.ReplicatedSecuredScriptingTest$9.run(ReplicatedSecuredScriptingTest.java:158)
	at org.infinispan.security.Security.doAs(Security.java:143)
	... 29 more
Caused by: java.util.concurrent.ExecutionException: java.lang.SecurityException: ISPN000287: Unauthorized access: subject 'null' lacks 'ADMIN' permission
	at org.infinispan.commons.util.concurrent.NotifyingFutureImpl.get(NotifyingFutureImpl.java:80)
	at org.infinispan.util.concurrent.CompletableFutures.lambda$toCompletableFuture$1(CompletableFutures.java:47)
	at org.infinispan.commons.util.concurrent.BaseNotifyingFuture.fireListeners(BaseNotifyingFuture.java:37)
	at org.infinispan.commons.util.concurrent.NotifyingFutureImpl.notifyException(NotifyingFutureImpl.java:105)
	at org.infinispan.distexec.DefaultExecutorService$LocalDistributedTaskPart$1.doLocalInvoke(DefaultExecutorService.java:1116)
	at org.infinispan.distexec.DefaultExecutorService$LocalDistributedTaskPart$1.call(DefaultExecutorService.java:1102)
	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.SecurityException: ISPN000287: Unauthorized access: subject 'null' lacks 'ADMIN' permission
	at org.infinispan.security.impl.AuthorizationHelper.checkPermission(AuthorizationHelper.java:86)
	at org.infinispan.security.impl.AuthorizationManagerImpl.checkPermission(AuthorizationManagerImpl.java:42)
	at org.infinispan.security.impl.SecureCacheImpl.getCacheManager(SecureCacheImpl.java:466)
	at org.infinispan.scripting.impl.DistributedScript.setEnvironment(DistributedScript.java:35)
	at org.infinispan.commands.read.DistributedExecuteCommand.perform(DistributedExecuteCommand.java:105)
	at org.infinispan.distexec.DefaultExecutorService$LocalDistributedTaskPart$1.doLocalInvoke(DefaultExecutorService.java:1112)
	... 5 more
{code}

You can find the source of the test here: 
https://github.com/andyuk1986/infinispan/blob/cc001620fe199a72f165bb82b19ef28cd252ab82/scripting/src/test/java/org/infinispan/scripting/ReplicatedSecuredScriptingTest.java#L147



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

More information about the infinispan-issues mailing list