Veena Mithare created IGNITE-12781:
--------------------------------------
Summary: Cache_Put event generated from a remote_client user action has subject uuid of Node that executes the request sometimes.
Key: IGNITE-12781
URL:
https://issues.apache.org/jira/browse/IGNITE-12781 Project: Ignite
Issue Type: Bug
Components: security
Affects Versions: 2.8
Reporter: Veena Mithare
Unable to get the right audit information i.e. we are unable
to get the right subject for users logged in through dbeaver ( jdbc thin
client. ).
This is because the subjectid associated with the "CACHE_PUT"
event when an update is triggered by the jdbc thin client, contains the uuid
of the node that executed the update rather than the logged in jdbc thin
client user.
This was discussed in the 'Ignite users' group
[
http://apache-ignite-users.70518.x6.nabble.com/JDBC-thin-client-incorrect-security-context-td31354.html]
During the update through jdbc client, there
could be 2 kinds of threads acting on it. The 'client-connector' thread and
the 'sys-stripe'. If the client-connector thread completes the transaction
and calls the record, it is able to send a 'cache_put' event with the uuid
of the person logged in to through the jdbc thin client . Whereas if the
'sys-stripe' thread completes the transaction, it sends the 'cache_put'
event with the node uuid.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
Locked
