[ https://issues.apache.org/jira/browse/IGNITE-16068?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nikolay Izhikov updated IGNITE-16068: ------------------------------------- Fix Version/s: 2.12 > Operations hang with different characters encoding on nodes and > authentication enabled. > --------------------------------------------------------------------------------------- > > Key: IGNITE-16068 > URL: https://issues.apache.org/jira/browse/IGNITE-16068 > Project: Ignite > Issue Type: Bug > Reporter: Mikhail Petrov > Assignee: Mikhail Petrov > Priority: Major > Fix For: 2.12 > > Time Spent: 10m > Remaining Estimate: 0h > > Reproducer: > {code:java} > /** */ > public class AuthenticatorMultiJvmEncodingTest extends GridCommonAbstractTest > { > /** Character encoding name that will be applied to the next Ignite > process start. */ > private String jvmCharacterEncoding; > /** {@inheritDoc} */ > @Override protected IgniteConfiguration getConfiguration(String > igniteInstanceName) throws Exception { > IgniteConfiguration cfg = super.getConfiguration(igniteInstanceName); > cfg.setAuthenticationEnabled(true); > cfg.setDataStorageConfiguration(new DataStorageConfiguration() > .setDefaultDataRegionConfiguration(new DataRegionConfiguration() > .setMaxSize(100 * (1 << 20)) > .setPersistenceEnabled(true))); > return cfg; > } > /** {@inheritDoc} */ > @Override protected List<String> additionalRemoteJvmArgs() { > List<String> args = super.additionalRemoteJvmArgs(); > args.add("-Dfile.encoding=" + jvmCharacterEncoding); > return args; > } > /** {@inheritDoc} */ > @Override protected boolean isRemoteJvm(String igniteInstanceName) { > return getTestIgniteInstanceIndex(igniteInstanceName) != 0; > } > /** {@inheritDoc} */ > @Override protected void beforeTest() throws Exception { > super.beforeTest(); > cleanPersistenceDir(); > } > /** */ > @Test > public void testMultipleJvmInstancesWithDifferentEncoding() throws > Exception { > startGrid(0); > jvmCharacterEncoding = "Big5"; > startGrid(1); > jvmCharacterEncoding = "UTF-8"; > startGrid(2); > grid(0).cluster().state(ACTIVE); > grid(0).createCache(DEFAULT_CACHE_NAME); > String login = "語"; > String pwd = "語"; > try (AutoCloseable ignored = > withSecurityContextOnAllNodes(authenticate(grid(0), "ignite", "ignite"))) { > grid(0).context().security().createUser(login, pwd.toCharArray()); > } > try ( > IgniteClient cli = Ignition.startClient(new > ClientConfiguration().setAddresses("127.0.0.1:10800") > .setUserName(login) > .setUserPassword(pwd)) > ) { > ClientCache<Integer, Integer> cache = > cli.cache(DEFAULT_CACHE_NAME); > Map<Integer, Integer> entries = new HashMap<>(); > for (int i = 0; i < 1000; i++) > entries.put(i, i); > cache.putAll(entries); > } > } > } > {code} > Exception on server node before hanging: > {code:java} > java.lang.IllegalStateException: Failed to find security context for subject > with given ID : c950cc94-38f1-304d-b858-2aa6e9478357 > [2021-12-06 23:24:10,507][INFO ][Thread-2][jvm-5950cce2] at > org.apache.ignite.internal.processors.security.IgniteSecurityProcessor.withContext(IgniteSecurityProcessor.java:167) > [2021-12-06 23:24:10,507][INFO ][Thread-2][jvm-5950cce2] at > org.apache.ignite.internal.managers.communication.GridIoManager.invokeListener(GridIoManager.java:1906) > [2021-12-06 23:24:10,507][INFO ][Thread-2][jvm-5950cce2] at > org.apache.ignite.internal.managers.communication.GridIoManager.processRegularMessage0(GridIoManager.java:1528) > [2021-12-06 23:24:10,507][INFO ][Thread-2][jvm-5950cce2] at > org.apache.ignite.internal.managers.communication.GridIoManager.access$5300(GridIoManager.java:242) > [2021-12-06 23:24:10,507][INFO ][Thread-2][jvm-5950cce2] at > org.apache.ignite.internal.managers.communication.GridIoManager$9.execute(GridIoManager.java:1421) > [2021-12-06 23:24:10,507][INFO ][Thread-2][jvm-5950cce2] at > org.apache.ignite.internal.managers.communication.TraceRunnable.run(TraceRunnable.java:55) > [2021-12-06 23:24:10,507][INFO ][Thread-2][jvm-5950cce2] at > org.apache.ignite.internal.util.StripedExecutor$Stripe.body(StripedExecutor.java:569) > [2021-12-06 23:24:10,507][INFO ][Thread-2][jvm-5950cce2] at > org.apache.ignite.internal.util.worker.GridWorker.run(GridWorker.java:125) > [2021-12-06 23:24:10,507][INFO ][Thread-2][jvm-5950cce2] at > java.lang.Thread.run(Thread.java:748) > {code} > The main reason of described above behavior is that > IgniteAuthenticatorProcessor uses default JVM character encoding when > calculating security subject ID. So different nodes can add the same user > with different IDs if they are running in JVMS with different default > characters encoding. As a result user can not be found during operations that > involve multiple nodes. -- This message was sent by Atlassian Jira (v8.20.1#820001)