Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-19409

[INFINISPAN] Setup for remote Infinispan Server 15 with enchrypted connection

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • Documentation
    • None
    • ---
    • ---

      Moving from Infinispan Server 14 to Infinispan Server 15 the configuration has changed:

      And the former configuration now produces the following error:

      2024-06-11 13:27:57,533 ERROR (non-blocking-thread-jdg2-p2-t2) [o.i.s.h.BaseRequestProcessor] ISPN005003: Exception reported org.infinispan.commons.CacheException: ISPN000287: Unauthorized access: subject 'Subject with principal(s): [admin, InetAddressPrincipal [address=10.0.191.251/10.0.191.251]]' lacks 'CREATE' permission
      	at org.infinispan.server.core.admin.AdminOperationsHandler.lambda$runTask$1(AdminOperationsHandler.java:54)
      	at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1768)
      	at org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18)
      	at org.jboss.threads.EnhancedQueueExecutor$Task.doRunWith(EnhancedQueueExecutor.java:2516)
      	at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2495)
      	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1521)
      	at java.base/java.lang.Thread.run(Thread.java:840)
      Caused by: java.lang.SecurityException: ISPN000287: Unauthorized access: subject 'Subject with principal(s): [admin, InetAddressPrincipal [address=10.0.191.251/10.0.191.251]]' lacks 'CREATE' permission
      	at org.infinispan.security.impl.Authorizer.checkPermission(Authorizer.java:104)
      	at org.infinispan.security.impl.Authorizer.checkPermission(Authorizer.java:69)
      	at org.infinispan.manager.DefaultCacheManagerAdmin.getOrCreateCache(DefaultCacheManagerAdmin.java:62)
      	at org.infinispan.server.tasks.admin.CacheGetOrCreateTask.execute(CacheGetOrCreateTask.java:49)
      	at org.infinispan.server.tasks.admin.CacheGetOrCreateTask.execute(CacheGetOrCreateTask.java:25)
      	at org.infinispan.server.core.admin.AdminServerTask.execute(AdminServerTask.java:57)
      	at org.infinispan.server.core.admin.AdminOperationsHandler.lambda$runTask$0(AdminOperationsHandler.java:50)
      	at org.infinispan.security.Security.doAs(Security.java:105)
      	at org.infinispan.server.core.admin.AdminOperationsHandler.lambda$runTask$1(AdminOperationsHandler.java:50)
      	... 6 more
      

      How do we set up an encrypted connection between WF and a remote Infinispan Server 15 using TLS?

      Find attached the configuration files used with WF and Infinispan Server 14:

      Find attached the configuration files used with WF and Infinispan Server 15:

        1. image-2024-06-11-16-32-14-148.png
          300 kB
          Tommaso Borgato
        2. README.md
          14 kB
          Tommaso Borgato
        3. wlf_20240211-130223-jdg-service-1-infinispan.xml
          2 kB
          Tommaso Borgato
        4. wlf_20240211-130223-wildfly-service-1-standalone-ha.xml
          37 kB
          Tommaso Borgato
        5. wlf_20245731-125713-jdg-service-1-infinispan.xml
          2 kB
          Tommaso Borgato
        6. wlf_20245731-125713-wildfly-service-1-standalone-ha.xml
          37 kB
          Tommaso Borgato

              Unassigned Unassigned
              tborgato@redhat.com Tommaso Borgato
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: