You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ignite.apache.org by "Nikolay Izhikov (Jira)" <ji...@apache.org> on 2021/12/06 08:32:00 UTC
[jira] [Updated] (IGNITE-15969) Enabling authentication requires the client node to enable persistence in the configuration
[ https://issues.apache.org/jira/browse/IGNITE-15969?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nikolay Izhikov updated IGNITE-15969:
-------------------------------------
Labels: ise newbie (was: newbie)
> Enabling authentication requires the client node to enable persistence in the configuration
> -------------------------------------------------------------------------------------------
>
> Key: IGNITE-15969
> URL: https://issues.apache.org/jira/browse/IGNITE-15969
> Project: Ignite
> Issue Type: Bug
> Affects Versions: 2.11
> Reporter: Ilya Shishkov
> Assignee: Ilya Shishkov
> Priority: Minor
> Labels: ise, newbie
> Attachments: ClientNodeAuthFailureReproducer.patch
>
>
> When you start cluster with turned on built-in authentication it requires to enable persistence too [1].
> This requirement seems to be useless for client nodes, because they has no persistence, but without persistence client node would fail during start up with below error:
> {code:java}
> class org.apache.ignite.IgniteCheckedException: Authentication can be enabled only for cluster with enabled persistence. Check the DataRegionConfiguration
> at org.apache.ignite.internal.processors.authentication.IgniteAuthenticationProcessor.startProcessor(IgniteAuthenticationProcessor.java:166)
> at org.apache.ignite.internal.IgniteKernal.start(IgniteKernal.java:1259)
> at org.apache.ignite.internal.IgnitionEx$IgniteNamedInstance.start0(IgnitionEx.java:2141)
> at org.apache.ignite.internal.IgnitionEx$IgniteNamedInstance.start(IgnitionEx.java:1787)
> at org.apache.ignite.internal.IgnitionEx.start0(IgnitionEx.java:1172)
> at org.apache.ignite.internal.IgnitionEx.start(IgnitionEx.java:642)
> {code}
> Reproducer: [^ClientNodeAuthFailureReproducer.patch]
> It slightly modifies AuthenticationConfigurationClusterTest an it leads to failure of tests: the existing #testClientNodeJoinDisabled and added in the patch #testEnabledAuthenticationOnClientNode.
> It seems that here [2] we should add check whether starting up node is client or not:
> {code:java}
> /** Starts processor. */
> public void startProcessor() throws IgniteCheckedException {
> if (!GridCacheUtils.isPersistenceEnabled(ctx.config())) { // here client node fails
> throw new IgniteCheckedException("Authentication can be enabled only for cluster with enabled persistence."
> + " Check the DataRegionConfiguration");
> }
> {code}
> Links:
> # [https://ignite.apache.org/docs/latest/security/authentication]
> # [https://github.com/apache/ignite/blob/master/modules/core/src/main/java/org/apache/ignite/internal/processors/authentication/IgniteAuthenticationProcessor.java#L165]
--
This message was sent by Atlassian Jira
(v8.20.1#820001)