Details
-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
13.0.1.Final
-
None
Description
The server doesn't reply when a client requests a STAT operator without the required `MONITOR` permission.
Server should reply with an hotrod error status/error saying something about the missing permission.
Server Logs show that the server received the request and correctly detected that the client doesn't have the required permission:
{{Thread Thread[blocking-thread--p3-t1,5,ISPN-blocking-thread-group] threw an uncaught exception java.lang.SecurityException: ISPN
000287: Unauthorized access: subject 'Subject with principal(s): [reader, RolePrincipal{name='reader'}, InetAddressPrincipal [address=127.0.0.1/127.0.0.1]]' lacks 'MONITOR' permission}}
but the response is not sent back to the client.
Can be reproduced with Java and C# client