[infinispan-issues] [JBoss JIRA] (ISPN-7333) BULK_READ permission is not set in identity/role
Galder Zamarreño (Jira)
issues at jboss.org
Fri Jan 25 11:02:00 EST 2019
[ https://issues.jboss.org/browse/ISPN-7333?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Galder Zamarreño updated ISPN-7333:
-----------------------------------
Fix Version/s: 10.0.0.Alpha3
10.0.0.Final
> BULK_READ permission is not set in identity/role
> ------------------------------------------------
>
> Key: ISPN-7333
> URL: https://issues.jboss.org/browse/ISPN-7333
> Project: Infinispan
> Issue Type: Bug
> Components: Core, Server
> Affects Versions: 9.4.5.Final
> Reporter: Vladimir Blagojevic
> Assignee: Tristan Tarrant
> Priority: Major
> Fix For: 10.0.0.Alpha3, 10.0.0.Final
>
>
> It appears that BULK_READ permission is nor properly wired/transferred into API invocations. When attempting to access schema names we get the following exceptions in the server:
> [Server:server-two] 11:51:44,982 ERROR [org.jboss.as.controller.management-operation] (ServerService Thread Pool -- 33) WFLYCTL0013: Operation ("get-proto-schema-names") failed - address: ([
> [Server:server-two] ("subsystem" => "datagrid-infinispan"),
> [Server:server-two] ("cache-container" => "clustered")
> [Server:server-two] ]) - failure description: "DGISPN0118: Failed to invoke operation: ISPN000287: Unauthorized access: subject 'Subject with principal(s): [vladimir at ManagementRealm, InetAddressPrincipal <127.0.0.1/127.0.0.1>]' lacks 'BULK_READ' permission"
> However, we have set this permission for the role identity/role making invocations (i.e vladimir in the example above)
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the infinispan-issues
mailing list