When security is turned on (cacheConfig.security().authorization().enable()), any user can obtain/create a cache, even unauthorized users. This should be allowed only for users with right ACCESS. This right is actually not present in AuthorizationPermission.