PetrovMikhail created IGNITE-12589: -------------------------------------- Summary: Remote thin client operations are not authorized correctly. Key: IGNITE-12589 URL: https://issues.apache.org/jira/browse/IGNITE-12589 Project: Ignite Issue Type: Bug Affects Versions: 2.7.6 Reporter: PetrovMikhail
In the current Ignite security approach security subject id is considered to be a node id (see IgniteSecurityProcessor:107). In the case of thin clients, this approach doesn't work correctly. If some operation is executed on behalf of a thin client on a remote node (node that is different from one to which thin client connection was established), it's impossible in the same way as for a node obtain a thin client security subject information. -- This message was sent by Atlassian Jira (v8.3.4#803005)