Hi,
IgniteCache.query() method requires CACHE_READ permission,
but looks like all JDBC clients bypass security checks.
On Mon, Oct 30, 2017 at 5:27 PM, calebs <caleb.s...@gmail.com> wrote:
> Hi Andrew,
>
> Then, does JDBC "thick" client have the support security plugin? The
> security includes User Authentication and Authorization.
>
> In GridCacheContext, I see the following method
>
> /**
> * @param op Operation to check.
> * @throws SecurityException If security check failed.
> */
> public void checkSecurity(SecurityPermission op) throws
> SecurityException {
> if (CU.isSystemCache(name()))
> return;
>
> ctx.security().authorize(name(), op, null);
> }
>
> where it calls security plugin's authorize method without passing user's
> SecurityContext. I wonder when and where the security context is used for
> any permission like CACHE_PUT & CACHE_READ.
>
>
>
> --
> Sent from: http://apache-ignite-users.70518.x6.nabble.com/
>
--
Best regards,
Andrey V. Mashenkov
