You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ignite.apache.org by "Mikhail Petrov (Jira)" <ji...@apache.org> on 2021/11/22 09:34:00 UTC

[jira] [Updated] (IGNITE-15966) [Security] Nodes can hang with authentication enabled after user drop operation

     [ https://issues.apache.org/jira/browse/IGNITE-15966?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Mikhail Petrov updated IGNITE-15966:
------------------------------------
    Summary: [Security] Nodes can hang with authentication enabled after user drop operation  (was: [Security] Node can hang with authentication enabled after user drop operation)

> [Security] Nodes can hang with authentication enabled after user drop operation
> -------------------------------------------------------------------------------
>
>                 Key: IGNITE-15966
>                 URL: https://issues.apache.org/jira/browse/IGNITE-15966
>             Project: Ignite
>          Issue Type: Bug
>            Reporter: Mikhail Petrov
>            Priority: Major
>
> Reproducer: 
> {code:java}
> /** */
> public class UserDropTest extends GridCommonAbstractTest {
>     /** {@inheritDoc} */
>     @Override protected IgniteConfiguration getConfiguration(String igniteInstanceName) throws Exception {
>         IgniteConfiguration cfg = super.getConfiguration(igniteInstanceName);
>         cfg.setAuthenticationEnabled(true);
>         cfg.setDataStorageConfiguration(new DataStorageConfiguration()
>             .setDefaultDataRegionConfiguration(new DataRegionConfiguration()
>                 .setPersistenceEnabled(true)));
>         return cfg;
>     }
>     /** */
>     @Test
>     public void test() throws Exception {
>         startGrid(0);
>         startGrid(1);
>         grid(0).cluster().state(ClusterState.ACTIVE);
>         grid(0).createCache(DEFAULT_CACHE_NAME);
>         try (AutoCloseable ignored = withSecurityContextOnAllNodes(authenticate(grid(0), "ignite", "ignite"))) {
>             grid(0).context().security().createUser("cli", "pwd".toCharArray());
>         }
>         IgniteClient client = Ignition.startClient(new ClientConfiguration().setAddresses("127.0.0.1:10800").setUserName("cli").setUserPassword("pwd"));
>         ClientCache<Object, Object> cache = client.cache(DEFAULT_CACHE_NAME);
>         try (AutoCloseable ignored = withSecurityContextOnAllNodes(authenticate(grid(0), "ignite", "ignite"))) {
>             grid(0).context().security().dropUser("cli");
>         }
>         Map<Integer, Integer> entries = new HashMap<>();
>         for (int i = 0; i < 10000; i++)
>             entries.put(i, i);
>         cache.putAll(entries);
>     }
>     /** {@inheritDoc} */
>     @Override protected void beforeTest() throws Exception {
>         super.beforeTest();
>         cleanPersistenceDir();
>     }
> }
> {code}
> Exception:
> {code:java}
> [2021-11-22 11:04:32,390][ERROR][sys-stripe-3-#92%ignite.UserDropTest1%][IgniteTestResources] Critical system error detected. Will be handled accordingly to configured handler [hnd=NoOpFailureHandler [super=AbstractFailureHandler [ignoredFailureTypes=UnmodifiableSet [SYSTEM_WORKER_BLOCKED, SYSTEM_CRITICAL_OPERATION_TIMEOUT]]], failureCtx=FailureContext [type=SYSTEM_WORKER_TERMINATION, err=java.lang.IllegalStateException: Failed to find security context for subject with given ID : 0898b227-30d5-3afc-9394-d8e4889ece4a]]
> java.lang.IllegalStateException: Failed to find security context for subject with given ID : 0898b227-30d5-3afc-9394-d8e4889ece4a
> 	at org.apache.ignite.internal.processors.security.IgniteSecurityProcessor.withContext(IgniteSecurityProcessor.java:167)
> 	at org.apache.ignite.internal.managers.communication.GridIoManager.invokeListener(GridIoManager.java:1906)
> 	at org.apache.ignite.internal.managers.communication.GridIoManager.processRegularMessage0(GridIoManager.java:1528)
> 	at org.apache.ignite.internal.managers.communication.GridIoManager.access$5300(GridIoManager.java:242)
> 	at org.apache.ignite.internal.managers.communication.GridIoManager$9.execute(GridIoManager.java:1421)
> 	at org.apache.ignite.internal.managers.communication.TraceRunnable.run(TraceRunnable.java:55)
> 	at org.apache.ignite.internal.util.StripedExecutor$Stripe.body(StripedExecutor.java:569)
> 	at org.apache.ignite.internal.util.worker.GridWorker.run(GridWorker.java:125)
> 	at java.lang.Thread.run(Thread.java:748)
> {code}
> The main problem is:
> Implementation of authentication plugin ties security user with the subject ID that is propagated through cluster nodes.
> If some node receives operation initiated by the deleted user, it fails to obtain its security context via subject id and hangs with mentioned above exception.
> Here we are faced with a security implementation problem - we have no mechanism to determine that a security subject is no longer needed and can be safely removed and at the same time we  throw unrecoverable exception in case security subject is not found that kills system worker and hangs node.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)