This is an automated email from the ASF dual-hosted git repository. alexpl pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ignite.git
The following commit(s) were added to refs/heads/master by this push: new 8ac005f IGNITE-13676 Java thin client: Fix message read after SECURITY_VIOLATION error - Fixes #8428. 8ac005f is described below commit 8ac005f94b6f15a82cd7b9dc3b5ced2352e389eb Author: Aleksey Plekhanov <plehanov.a...@gmail.com> AuthorDate: Thu Nov 5 17:57:41 2020 +0300 IGNITE-13676 Java thin client: Fix message read after SECURITY_VIOLATION error - Fixes #8428. Signed-off-by: Aleksey Plekhanov <plehanov.a...@gmail.com> --- .../org/apache/ignite/internal/client/thin/TcpClientChannel.java | 6 ++++-- .../security/client/ThinClientPermissionCheckTest.java | 9 +++++++++ 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/modules/core/src/main/java/org/apache/ignite/internal/client/thin/TcpClientChannel.java b/modules/core/src/main/java/org/apache/ignite/internal/client/thin/TcpClientChannel.java index 4f3ee40..c357672 100644 --- a/modules/core/src/main/java/org/apache/ignite/internal/client/thin/TcpClientChannel.java +++ b/modules/core/src/main/java/org/apache/ignite/internal/client/thin/TcpClientChannel.java @@ -461,9 +461,11 @@ class TcpClientChannel implements ClientChannel { if (msgSize > hdrSize) res = dataInput.spinRead(msgSize - hdrSize); } - else if (status == ClientStatus.SECURITY_VIOLATION) + else if (status == ClientStatus.SECURITY_VIOLATION) { + dataInput.spinRead(msgSize - hdrSize); // Read message to the end. + err = new ClientAuthorizationException(); - else { + } else { resIn = new BinaryHeapInputStream(dataInput.spinRead(msgSize - hdrSize)); String errMsg = ClientUtils.createBinaryReader(null, resIn).readString(); diff --git a/modules/core/src/test/java/org/apache/ignite/internal/processors/security/client/ThinClientPermissionCheckTest.java b/modules/core/src/test/java/org/apache/ignite/internal/processors/security/client/ThinClientPermissionCheckTest.java index 1230aba..152e2570 100644 --- a/modules/core/src/test/java/org/apache/ignite/internal/processors/security/client/ThinClientPermissionCheckTest.java +++ b/modules/core/src/test/java/org/apache/ignite/internal/processors/security/client/ThinClientPermissionCheckTest.java @@ -262,6 +262,15 @@ public class ThinClientPermissionCheckTest extends AbstractSecurityTest { assertThrowsWithCause(() -> runOperation(CLIENT, op), ClientAuthorizationException.class); } + /** */ + @Test + public void testAllowedOperationAfterSecurityViolation() throws Exception { + try (IgniteClient client = startClient(CLIENT_READ)) { + assertThrowsWithCause(() -> client.cache(CACHE).put("key", "value"), ClientAuthorizationException.class); + assertNull(client.cache(CACHE).get("key")); + } + } + /** * Gets all operations. *