Uploaded image for project: 'Infinispan'
  1. Infinispan
  2. ISPN-14025

WARN ISPN000287 thrown when consuming container events

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 14.0.0.CR1
    • 13.0.10.Final, 14.0.0.Dev04
    • REST, Security
    • None
    • Hide

      #Define Authorization

          <security>
        <authorization/>
    </security>
      1. Call /rest/v2/container/config?action=listen&includeCurrentState=true
      Show
      #Define Authorization <security> <authorization/> </security> Call /rest/v2/container/config?action=listen&includeCurrentState=true

    Description

      If Authorization is enabled, then the following exception is thrown on the server for every call to /rest/v2/container/config?action=listen&includeCurrentState=true:

      14:29:18,167 INFO  (non-blocking-thread--p2-t1) [org.infinispan.AUDIT] [ALLOW] operator ADMIN server[null]
14:29:18,167 INFO  (non-blocking-thread--p2-t1) [org.infinispan.AUDIT] [ALLOW] operator LISTEN container[default]
14:29:18,168 INFO  (non-blocking-thread--p2-t2) [org.infinispan.AUDIT] [DENY] null ADMIN container[default]
14:29:18,168 WARN  (non-blocking-thread--p2-t2) [io.netty.util.concurrent.DefaultPromise] An exception was thrown by org.infinispan.rest.ResponseWriter$5$$Lambda$1276/0x0000000840748440.operationComplete() java.lang.SecurityException: ISPN000287: Unauthorized access: subject 'null' lacks 'ADMIN' permission
	at org.infinispan.security.impl.Authorizer.checkPermission(Authorizer.java:112)
	at org.infinispan.security.impl.Authorizer.checkPermission(Authorizer.java:67)
	at org.infinispan.manager.DefaultCacheManager.getCacheConfiguration(DefaultCacheManager.java:954)
	at org.infinispan.rest.resources.ContainerResource$ConfigurationListener.lambda$new$0(ContainerResource.java:567)
	at org.infinispan.rest.EventStream.setChannelHandlerContext(EventStream.java:48)
	at org.infinispan.rest.ResponseWriter$5.lambda$writeResponse$0(ResponseWriter.java:102)
	at io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:578)
	at io.netty.util.concurrent.DefaultPromise.notifyListenersNow(DefaultPromise.java:552)
	at io.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:491)
	at io.netty.util.concurrent.DefaultPromise.addListener(DefaultPromise.java:184)
	at io.netty.channel.DefaultChannelPromise.addListener(DefaultChannelPromise.java:95)
	at io.netty.channel.DefaultChannelPromise.addListener(DefaultChannelPromise.java:30)
	at org.infinispan.rest.ResponseWriter$5.writeResponse(ResponseWriter.java:100)
	at org.infinispan.rest.BaseHttpRequestHandler.lambda$sendResponse$0(BaseHttpRequestHandler.java:49)
	at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:164)
	at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:469)
	at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:384)
	at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:986)
	at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
	at java.base/java.lang.Thread.run(Thread.java:829)

14:30:04,111 INFO  (non-blocking-thread--p2-t1) [org.infinispan.AUDIT] [ALLOW] operator MONITOR container[default]

      However, the request still completes as expected.

      Attachments

        Activity

          People

            remerson@redhat.com Ryan Emerson
            remerson@redhat.com Ryan Emerson
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: