You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ignite.apache.org by Sergey Korotkov <se...@gmail.com> on 2021/11/18 04:38:59 UTC
'Security context isn't certain' exception during service deploy at node startup in 2.11.0
Hello,
We run into the problem migrating from Ignite version 2.8.1 to 2.11.0
If the authentication is enabled the ignite service which is deployed at
node startup prevents it from starting with the 'Security context isn't
certain' exception.
We have prepared a simple test reproducing the problem. It works fine
with 2.8.1 and 2.10.0 but fails with 2.11.0.
To run the test unzip the package and run as
mvn clean package exec:java -Dignite.version=2.8.1 // works
fine - node starts
mvn clean package exec:java -Dignite.version=2.10.0 // works fine
- node starts
mvn clean package exec:java -Dignite.version=2.11.0 // error -
node doesn't start
Would you please help?
The following stack trace is logged:
class org.apache.ignite.plugin.security.SecurityException: Security
context isn't certain.
at
org.apache.ignite.internal.processors.security.SecurityUtils.nodeSecurityContext(SecurityUtils.java:157)
at
org.apache.ignite.internal.processors.security.IgniteSecurityProcessor.localSecurityContext(IgniteSecurityProcessor.java:376)
at
java.lang.ThreadLocal$SuppliedThreadLocal.initialValue(ThreadLocal.java:284)
at java.lang.ThreadLocal.setInitialValue(ThreadLocal.java:180)
at java.lang.ThreadLocal.get(ThreadLocal.java:170)
at
org.apache.ignite.internal.processors.security.IgniteSecurityProcessor.authorize(IgniteSecurityProcessor.java:203)
at
org.apache.ignite.internal.processors.service.IgniteServiceProcessor.checkPermissions(IgniteServiceProcessor.java:630)
at
org.apache.ignite.internal.processors.service.IgniteServiceProcessor.prepareServiceConfigurations(IgniteServiceProcessor.java:590)
at
org.apache.ignite.internal.processors.service.IgniteServiceProcessor.staticallyConfiguredServices(IgniteServiceProcessor.java:1547)
at
org.apache.ignite.internal.processors.service.IgniteServiceProcessor.collectJoiningNodeData(IgniteServiceProcessor.java:358)
at
org.apache.ignite.internal.managers.discovery.GridDiscoveryManager$5.collect(GridDiscoveryManager.java:898)
at
org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi.collectExchangeData(TcpDiscoverySpi.java:2140)
at
org.apache.ignite.spi.discovery.tcp.ServerImpl.joinTopology(ServerImpl.java:1106)
at
org.apache.ignite.spi.discovery.tcp.ServerImpl.spiStart(ServerImpl.java:473)
at
org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi.spiStart(TcpDiscoverySpi.java:2207)
at
org.apache.ignite.internal.managers.GridManagerAdapter.startSpi(GridManagerAdapter.java:278)
at
org.apache.ignite.internal.managers.discovery.GridDiscoveryManager.start(GridDiscoveryManager.java:980)
at
org.apache.ignite.internal.IgniteKernal.startManager(IgniteKernal.java:1985)
at
org.apache.ignite.internal.IgniteKernal.start(IgniteKernal.java:1331)
at
org.apache.ignite.internal.IgnitionEx$IgniteNamedInstance.start0(IgnitionEx.java:2141)
at
org.apache.ignite.internal.IgnitionEx$IgniteNamedInstance.start(IgnitionEx.java:1787)
at
org.apache.ignite.internal.IgnitionEx.start0(IgnitionEx.java:1172)
at org.apache.ignite.internal.IgnitionEx.start(IgnitionEx.java:668)
at org.apache.ignite.internal.IgnitionEx.start(IgnitionEx.java:590)
at org.apache.ignite.Ignition.start(Ignition.java:328)
at ServerNode.main(ServerNode.java:28)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:293)
at java.lang.Thread.run(Thread.java:748)
Thanks,
--
Sergey
Re: 'Security context isn't certain' exception during service deploy at node startup in 2.11.0
Posted by Sergey Korotkov <se...@gmail.com>.
Hi,
Yes, the runtime deployment does work, but the issue is about the
deployment at node startup.
In production we have the services specified in the XML ignite node
configuration file and this prevents node from starting.
Thanks,
--
Sergey
18.11.2021 18:03, Shishkov Ilya пишет:
> Hi Sergey,
> As I see, with turned on authentication, Services require cluster to
> be activated before deployment. With excluding servicesConfiguration
> from IgniteConfiguration and below lines your example would start:
>
> Ignite ignite = Ignition.start(config);
> ignite.cluster().state(ClusterState.ACTIVE);
>
> ignite.services().deploy(serviceConfiguration);
>
> чт, 18 нояб. 2021 г. в 07:39, Sergey Korotkov
> <serge.korotkov@gmail.com <ma...@gmail.com>>:
>
> Hello,
>
> We run into the problem migrating from Ignite version 2.8.1 to 2.11.0
>
> If the authentication is enabled the ignite service which is
> deployed at
> node startup prevents it from starting with the 'Security context
> isn't
> certain' exception.
>
> We have prepared a simple test reproducing the problem. It works fine
> with 2.8.1 and 2.10.0 but fails with 2.11.0.
>
> To run the test unzip the package and run as
>
> mvn clean package exec:java -Dignite.version=2.8.1 // works
> fine - node starts
>
> mvn clean package exec:java -Dignite.version=2.10.0 //
> works fine
> - node starts
>
> mvn clean package exec:java -Dignite.version=2.11.0 // error -
> node doesn't start
>
> Would you please help?
>
> The following stack trace is logged:
>
> class org.apache.ignite.plugin.security.SecurityException: Security
> context isn't certain.
> at
> org.apache.ignite.internal.processors.security.SecurityUtils.nodeSecurityContext(SecurityUtils.java:157)
> at
> org.apache.ignite.internal.processors.security.IgniteSecurityProcessor.localSecurityContext(IgniteSecurityProcessor.java:376)
> at
> java.lang.ThreadLocal$SuppliedThreadLocal.initialValue(ThreadLocal.java:284)
> at java.lang.ThreadLocal.setInitialValue(ThreadLocal.java:180)
> at java.lang.ThreadLocal.get(ThreadLocal.java:170)
> at
> org.apache.ignite.internal.processors.security.IgniteSecurityProcessor.authorize(IgniteSecurityProcessor.java:203)
> at
> org.apache.ignite.internal.processors.service.IgniteServiceProcessor.checkPermissions(IgniteServiceProcessor.java:630)
> at
> org.apache.ignite.internal.processors.service.IgniteServiceProcessor.prepareServiceConfigurations(IgniteServiceProcessor.java:590)
> at
> org.apache.ignite.internal.processors.service.IgniteServiceProcessor.staticallyConfiguredServices(IgniteServiceProcessor.java:1547)
> at
> org.apache.ignite.internal.processors.service.IgniteServiceProcessor.collectJoiningNodeData(IgniteServiceProcessor.java:358)
> at
> org.apache.ignite.internal.managers.discovery.GridDiscoveryManager$5.collect(GridDiscoveryManager.java:898)
> at
> org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi.collectExchangeData(TcpDiscoverySpi.java:2140)
> at
> org.apache.ignite.spi.discovery.tcp.ServerImpl.joinTopology(ServerImpl.java:1106)
> at
> org.apache.ignite.spi.discovery.tcp.ServerImpl.spiStart(ServerImpl.java:473)
> at
> org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi.spiStart(TcpDiscoverySpi.java:2207)
> at
> org.apache.ignite.internal.managers.GridManagerAdapter.startSpi(GridManagerAdapter.java:278)
> at
> org.apache.ignite.internal.managers.discovery.GridDiscoveryManager.start(GridDiscoveryManager.java:980)
> at
> org.apache.ignite.internal.IgniteKernal.startManager(IgniteKernal.java:1985)
> at
> org.apache.ignite.internal.IgniteKernal.start(IgniteKernal.java:1331)
> at
> org.apache.ignite.internal.IgnitionEx$IgniteNamedInstance.start0(IgnitionEx.java:2141)
> at
> org.apache.ignite.internal.IgnitionEx$IgniteNamedInstance.start(IgnitionEx.java:1787)
> at
> org.apache.ignite.internal.IgnitionEx.start0(IgnitionEx.java:1172)
> at
> org.apache.ignite.internal.IgnitionEx.start(IgnitionEx.java:668)
> at
> org.apache.ignite.internal.IgnitionEx.start(IgnitionEx.java:590)
> at org.apache.ignite.Ignition.start(Ignition.java:328)
> at ServerNode.main(ServerNode.java:28)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:293)
> at java.lang.Thread.run(Thread.java:748)
>
>
> Thanks,
>
> --
>
> Sergey
>
>
Re: 'Security context isn't certain' exception during service deploy at node startup in 2.11.0
Posted by Shishkov Ilya <sh...@gmail.com>.
Hi Sergey,
As I see, with turned on authentication, Services require cluster to be
activated before deployment. With excluding servicesConfiguration from
IgniteConfiguration and below lines your example would start:
Ignite ignite = Ignition.start(config);
ignite.cluster().state(ClusterState.ACTIVE);
ignite.services().deploy(serviceConfiguration);
чт, 18 нояб. 2021 г. в 07:39, Sergey Korotkov <se...@gmail.com>:
> Hello,
>
> We run into the problem migrating from Ignite version 2.8.1 to 2.11.0
>
> If the authentication is enabled the ignite service which is deployed at
> node startup prevents it from starting with the 'Security context isn't
> certain' exception.
>
> We have prepared a simple test reproducing the problem. It works fine
> with 2.8.1 and 2.10.0 but fails with 2.11.0.
>
> To run the test unzip the package and run as
>
> mvn clean package exec:java -Dignite.version=2.8.1 // works
> fine - node starts
>
> mvn clean package exec:java -Dignite.version=2.10.0 // works fine
> - node starts
>
> mvn clean package exec:java -Dignite.version=2.11.0 // error -
> node doesn't start
>
> Would you please help?
>
> The following stack trace is logged:
>
> class org.apache.ignite.plugin.security.SecurityException: Security
> context isn't certain.
> at
>
> org.apache.ignite.internal.processors.security.SecurityUtils.nodeSecurityContext(SecurityUtils.java:157)
> at
>
> org.apache.ignite.internal.processors.security.IgniteSecurityProcessor.localSecurityContext(IgniteSecurityProcessor.java:376)
> at
>
> java.lang.ThreadLocal$SuppliedThreadLocal.initialValue(ThreadLocal.java:284)
> at java.lang.ThreadLocal.setInitialValue(ThreadLocal.java:180)
> at java.lang.ThreadLocal.get(ThreadLocal.java:170)
> at
>
> org.apache.ignite.internal.processors.security.IgniteSecurityProcessor.authorize(IgniteSecurityProcessor.java:203)
> at
>
> org.apache.ignite.internal.processors.service.IgniteServiceProcessor.checkPermissions(IgniteServiceProcessor.java:630)
> at
>
> org.apache.ignite.internal.processors.service.IgniteServiceProcessor.prepareServiceConfigurations(IgniteServiceProcessor.java:590)
> at
>
> org.apache.ignite.internal.processors.service.IgniteServiceProcessor.staticallyConfiguredServices(IgniteServiceProcessor.java:1547)
> at
>
> org.apache.ignite.internal.processors.service.IgniteServiceProcessor.collectJoiningNodeData(IgniteServiceProcessor.java:358)
> at
>
> org.apache.ignite.internal.managers.discovery.GridDiscoveryManager$5.collect(GridDiscoveryManager.java:898)
> at
>
> org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi.collectExchangeData(TcpDiscoverySpi.java:2140)
> at
>
> org.apache.ignite.spi.discovery.tcp.ServerImpl.joinTopology(ServerImpl.java:1106)
> at
>
> org.apache.ignite.spi.discovery.tcp.ServerImpl.spiStart(ServerImpl.java:473)
> at
>
> org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi.spiStart(TcpDiscoverySpi.java:2207)
> at
>
> org.apache.ignite.internal.managers.GridManagerAdapter.startSpi(GridManagerAdapter.java:278)
> at
>
> org.apache.ignite.internal.managers.discovery.GridDiscoveryManager.start(GridDiscoveryManager.java:980)
> at
>
> org.apache.ignite.internal.IgniteKernal.startManager(IgniteKernal.java:1985)
> at
> org.apache.ignite.internal.IgniteKernal.start(IgniteKernal.java:1331)
> at
>
> org.apache.ignite.internal.IgnitionEx$IgniteNamedInstance.start0(IgnitionEx.java:2141)
> at
>
> org.apache.ignite.internal.IgnitionEx$IgniteNamedInstance.start(IgnitionEx.java:1787)
> at
> org.apache.ignite.internal.IgnitionEx.start0(IgnitionEx.java:1172)
> at org.apache.ignite.internal.IgnitionEx.start(IgnitionEx.java:668)
> at org.apache.ignite.internal.IgnitionEx.start(IgnitionEx.java:590)
> at org.apache.ignite.Ignition.start(Ignition.java:328)
> at ServerNode.main(ServerNode.java:28)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
>
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
>
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:293)
> at java.lang.Thread.run(Thread.java:748)
>
>
> Thanks,
>
> --
>
> Sergey
>
>
>