[ https://issues.apache.org/jira/browse/IGNITE-11346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16816206#comment-16816206 ]
Ivan Bessonov commented on IGNITE-11346: ---------------------------------------- [~Maxoid] I see now, you created PR for the gridgain fork, original github repository is here: [https://github.com/apache/ignite] Master branch is also there, I'd suggest recreating PR for the proper repository. After that you can use your PR to run tests here: [https://ci.ignite.apache.org/viewType.html?buildTypeId=IgniteTests24Java8_RunAll] Please link your run to this issue and I (or someone else) will take a look at the results. Thank you! > Remote client authentication failed for the CommandHandler in the case where > it optional on the server > ------------------------------------------------------------------------------------------------------ > > Key: IGNITE-11346 > URL: https://issues.apache.org/jira/browse/IGNITE-11346 > Project: Ignite > Issue Type: Bug > Components: clients, security, thin client > Affects Versions: 2.7 > Reporter: Maxim Karavaev > Priority: Minor > > h2. Preposition: > Custom _GridSecurityProcessor_ implementation allows optional authentication. > With other words, if some credentials are presents then authentication > performed, otherwise - not (some restricted SecurityContext returned). > REST API works fine. If credentials are present or the auth request was made > then the auth works as desired, if not - it also works but only for some > authorized requests. > h2. The problem: > _CommandHandler_ which is used for controlling a cluster through the CLI > script _command.sh|bat_ doesn't respect credential parameters and sends auth > request only in case of authentication exception for a regular request. In > the described case of optional authentication it never happens, so the result > always depends on the "default" Permissions. > h2. Possible solution: > Change _GridClientNioTcpConnection_ to always send first an auth request in > case of provided credentials. -- This message was sent by Atlassian JIRA (v7.6.3#76005)