Hello, Mikhail!
Proposed realization provides a security plugin when
isAuthenticationEnabled is true and,
in this way, makes IgniteSecurity enabled. But current implementation of
IgniteAuthenticationProcessor (security plugin)
does not allow:
- apply a security policy, so authorization does
Maxim, this issue should be fixed as part of [1]. Note, that the current
PR [2] is draft and its description just shows the current state of
work. Of course the task i'm working on can't be resolved without fixing
this issue.
[1] - https://issues.apache.org/jira/browse/IGNITE-13112
[2] - https
Mikhail,
> Note, that the current PR breaks management of the users via REST because the
> SecurityContext is not propagated properly during REST requests execution.
Do we have a JIRA taks to fix this behaviour or do we need such
behaviour at all?
On Mon, 22 Mar 2021 at 13:34, Nikolay Izhikov
Hello, Mikhail.
I'm +1 to follow your suggestion.
чт, 18 мар. 2021 г. в 17:53, Mikhail Petrov :
> Hello, Igniters.
>
> As of now, there are two independent APIs related to security:
> 1. IgniteSecurity - handle node/client authentication and authorize all
> operations.
> 2. IgniteAuthenticationP
