[jboss-jira] [JBoss JIRA] (JGRP-1661) AUTH bypasses join requests without auth_headers
Sergey Tumashov (JIRA)
jira-events at lists.jboss.org
Thu Jul 18 15:24:26 EDT 2013
Sergey Tumashov created JGRP-1661:
-------------------------------------
Summary: AUTH bypasses join requests without auth_headers
Key: JGRP-1661
URL: https://issues.jboss.org/browse/JGRP-1661
Project: JGroups
Issue Type: Feature Request
Affects Versions: 3.3.3
Reporter: Sergey Tumashov
Assignee: Bela Ban
The cluster coordinator allows new members to join the cluster if their join requests do not contain auth headers.
A simple test case would involve two nodes. One node should be configured to use a protocol stack with AUTH. The other node should use the same stack but with AUTH excluded. The node that uses AUTH needs to be brought up first so it can become cluster coordinator. The second node will now successfully join the cluster even though it does not send any auth tokens along with its join requests.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list