[
https://issues.apache.org/jira/browse/GEODE-5618?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Juan José Ramos Cassella reassigned GEODE-5618:
-----------------------------------------------
Assignee: Juan José Ramos Cassella
> FunctionService.onServer() and FunctionService.onRegion() fail when
> multiuser-authentication=true
> -------------------------------------------------------------------------------------------------
>
> Key: GEODE-5618
> URL: https://issues.apache.org/jira/browse/GEODE-5618
> Project: Geode
> Issue Type: Bug
> Components: functions, security
> Reporter: Juan José Ramos Cassella
> Assignee: Juan José Ramos Cassella
> Priority: Major
>
> The problem resides within the {{ServerFunctionExecutor}} class, specifically
> in the following section of code:
> {code:title=ServerFunctionExecutor.java|borderStyle=solid}
> public ResultCollector execute(final String functionName) {
> (...)
> byte[] functionAttributes = getFunctionAttributes(functionName);
> if (functionAttributes == null) {
> Object obj = GetFunctionAttributeOp.execute(this.pool, functionName);
> functionAttributes = (byte[]) obj;
> addFunctionAttributes(functionName, functionAttributes);
> }
> (..)
> }
> {code}
> We are specifically executing an internal function (namely
> {{GetFunctionAttributeOp}}) to retrieve the metadata for the function
> executed by the client *without setting the user attributes* required by the
> authentication mechanism and, as such, the execution fails for this
> particular function instead of the one executed by the client (it's not even
> part of the stack trace):
> {noformat}
> Exception in thread "main" java.lang.UnsupportedOperationException: Use Pool
> APIs for doing operations when multiuser-secure-mode-enabled is set to true.
> at
> org.apache.geode.cache.client.internal.PoolImpl.authenticateIfRequired(PoolImpl.java:1549)
> at
> org.apache.geode.cache.client.internal.PoolImpl.authenticateIfRequired(PoolImpl.java:1531)
> at org.apache.geode.cache.client.internal.PoolImpl.execute(PoolImpl.java:781)
> at
> org.apache.geode.cache.client.internal.GetFunctionAttributeOp.execute(GetFunctionAttributeOp.java:24)
> at
> org.apache.geode.internal.cache.execute.ServerFunctionExecutor.execute(ServerFunctionExecutor.java:310)
> {noformat}
> The other top-level methods from {{ServerFunctionExecutor}} and
> {{ServerRegionFunctionExecutor}} configure the user attributes before
> actually executing the function, that's why (as a workaround), the user can
> use {{FunctionService.onServer(regionService).execute(new MyFunction())}},
> works as expected:
> {code}
> if (proxyCache != null) {
> if (this.proxyCache.isClosed()) {
> throw proxyCache.getCacheClosedException("Cache is closed for this user.");
> }
> UserAttributes.userAttributes.set(this.proxyCache.getUserAttributes());
> }
> {code}
> The solution would be to add the same _pre-operation logic_ to the buggy
> method.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
