Hi,
I guess that here Ignite has some documentation gap. Advanced security
out of the box will work only with thin connections like webconsole,
ODBC/JDBC, etc.
To get cluster node authentication you should add GridSecurityProcessor
implementation:
https://apacheignite.readme.io/docs/advanced-security#section-enable-authentication
I created ticket on documentation:
https://issues.apache.org/jira/browse/IGNITE-12170
BR,
Andrei
9/16/2019 10:43 AM, Kurt Semba пишет:
Hi all,
I used the web-console to auto-generate some code and then extended
the ServerNodeCodeStartup.java class according to the documentation to
enable authentication (which requires to enable persistence) like this:
publicstaticvoidmain(String[] args) throwsException {
IgniteConfigurationcfg = ServerConfigurationFactory.createConfiguration();
// Ignite persistence configuration.
DataStorageConfigurationstorageCfg = newDataStorageConfiguration();
// Enabling the persistence.
storageCfg.getDefaultDataRegionConfiguration().setPersistenceEnabled(true);
// Applying settings.
cfg.setDataStorageConfiguration(storageCfg);
// Enable authentication
cfg.setAuthenticationEnabled(true);
Igniteignite = Ignition.start(cfg);
// Activate the cluster.
// This is required only if the cluster is still inactive.
ignite.cluster().active(true);
// Get all server nodes that are already up and running.
Collection<ClusterNode> nodes = ignite.cluster().forServers().nodes();
// Set the baseline topology that is represented by these nodes.
ignite.cluster().setBaselineTopology(nodes);
}
But when I run this, the output shows “authentication=off” and I can
also connect a client without providing any user+pass…
/[…]/
/[08:57:13] Security status [authentication=off, tls/ssl=off]/
/[…] /
/[08:57:16] Ignite node started OK (id=1f668071, instance
name=ImportedCluster6)/
/[08:57:16] Topology snapshot [ver=1, locNode=1f668071, servers=1,
clients=0, state=INACTIVE, CPUs=4, offheap=2.3GB, heap=2.6GB]/
/[08:57:16] ^-- Baseline [id=0, size=1, online=1, offline=0]/
/[08:57:16] ^-- All baseline nodes are online, will start
auto-activation/
/[08:57:16] Ignite node stopped in the middle of checkpoint. Will
restore memory state and finish checkpoint on node start./
/[08:57:16] Both Ignite native persistence and CacheStore are
configured for cache 'NsdevicesCache'. This configuration does not
guarantee strict consistency between CacheStore and Ignite data
storage upon restarts. Consult documentation for more details./
Any idea what I’m doing wrong?
I will also look into enabling TLS but wanted to start with user+pass
auth.
Thanks
Kurt
