[jira] [Updated] (IGNITE-15969) Enabling authentication requires the client node to enable persistence in the configuration

[Ilya Shishkov (Jira)]

     [ 
https://issues.apache.org/jira/browse/IGNITE-15969?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ilya Shishkov updated IGNITE-15969:
-----------------------------------
    Labels: newbie  (was: )

> Enabling authentication requires the client node to enable persistence in the 
> configuration
> -------------------------------------------------------------------------------------------
>
>                 Key: IGNITE-15969
>                 URL: https://issues.apache.org/jira/browse/IGNITE-15969
>             Project: Ignite
>          Issue Type: Bug
>    Affects Versions: 2.11
>            Reporter: Ilya Shishkov
>            Assignee: Ilya Shishkov
>            Priority: Minor
>              Labels: newbie
>         Attachments: ClientNodeAuthFailureReproducer.patch
>
>
> When you start cluster with turned on built-in authentication it requires to 
> enable persistence too [1].
> This requirement seems to be useless for client nodes, because they has no 
> persistence, but without persistence client node would fail during start up 
> with below error:
> {code:java}
> class org.apache.ignite.IgniteCheckedException: Authentication can be enabled 
> only for cluster with enabled persistence. Check the DataRegionConfiguration
>       at 
> org.apache.ignite.internal.processors.authentication.IgniteAuthenticationProcessor.startProcessor(IgniteAuthenticationProcessor.java:166)
>       at org.apache.ignite.internal.IgniteKernal.start(IgniteKernal.java:1259)
>       at 
> org.apache.ignite.internal.IgnitionEx$IgniteNamedInstance.start0(IgnitionEx.java:2141)
>       at 
> org.apache.ignite.internal.IgnitionEx$IgniteNamedInstance.start(IgnitionEx.java:1787)
>       at org.apache.ignite.internal.IgnitionEx.start0(IgnitionEx.java:1172)
>       at org.apache.ignite.internal.IgnitionEx.start(IgnitionEx.java:642)
> {code}
> Reproducer: [^ClientNodeAuthFailureReproducer.patch] 
> It slightly modifies AuthenticationConfigurationClusterTest an it leads to 
> failure of tests: the existing #testClientNodeJoinDisabled and added in the 
> patch #testEnabledAuthenticationOnClientNode.
> It seems that here [2] we should add check whether starting up node is client 
> or not:
> {code:java}
>     /** Starts processor. */
>     public void startProcessor() throws IgniteCheckedException {
>         if (!GridCacheUtils.isPersistenceEnabled(ctx.config())) { // here 
> client node fails
>             throw new IgniteCheckedException("Authentication can be enabled 
> only for cluster with enabled persistence."
>                 + " Check the DataRegionConfiguration");
>         }
> {code}
> Links:
>  # [https://ignite.apache.org/docs/latest/security/authentication]
>  # 
> [https://github.com/apache/ignite/blob/master/modules/core/src/main/java/org/apache/ignite/internal/processors/authentication/IgniteAuthenticationProcessor.java#L165]



--
This message was sent by Atlassian Jira
(v8.20.1#820001)