This is an automated email from the ASF dual-hosted git repository.
lmccay pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git
The following commit(s) were added to refs/heads/master by this push:
new 956abf9cc KNOX-3101 - hash key for RemoteAuthProvider cache (#996)
956abf9cc is described below
commit 956abf9ccd7ba34ba3b1c0ecd0625717b5be0a2b
Author: lmccay <[email protected]>
AuthorDate: Wed Feb 26 09:25:44 2025 -0500
KNOX-3101 - hash key for RemoteAuthProvider cache (#996)
---
.../org/apache/knox/gateway/filter/RemoteAuthFilter.java | 16 +++++++++++++---
.../apache/knox/gateway/filter/RemoteAuthFilterTest.java | 2 +-
2 files changed, 14 insertions(+), 4 deletions(-)
diff --git
a/gateway-provider-security-authc-remote/src/main/java/org/apache/knox/gateway/filter/RemoteAuthFilter.java
b/gateway-provider-security-authc-remote/src/main/java/org/apache/knox/gateway/filter/RemoteAuthFilter.java
index 58d96f8f1..7f90adef2 100755
---
a/gateway-provider-security-authc-remote/src/main/java/org/apache/knox/gateway/filter/RemoteAuthFilter.java
+++
b/gateway-provider-security-authc-remote/src/main/java/org/apache/knox/gateway/filter/RemoteAuthFilter.java
@@ -82,7 +82,7 @@ public class RemoteAuthFilter implements Filter {
*/
HttpURLConnection httpURLConnection;
- Cache<String, Subject> authenticationCache;
+ private Cache<String, Subject> authenticationCache;
private static final AuditService auditService =
AuditServiceFactory.getAuditService();
private static final Auditor auditor = auditService.getAuditor(
@@ -135,7 +135,7 @@ public class RemoteAuthFilter implements Filter {
HttpServletResponse httpResponse = (HttpServletResponse) response;
String cacheKey = httpRequest.getHeader(cacheKeyHeader);
- Subject cachedSubject = authenticationCache.getIfPresent(cacheKey);
+ Subject cachedSubject =
authenticationCache.getIfPresent(hashCacheKey(cacheKey));
if (cachedSubject != null) {
continueWithEstablishedSecurityContext(cachedSubject, httpRequest,
httpResponse, filterChain);
@@ -163,7 +163,7 @@ public class RemoteAuthFilter implements Filter {
.add(new GroupPrincipal(groupName)));
}
- authenticationCache.put(cacheKey, subject);
+ authenticationCache.put(hashCacheKey(cacheKey), subject);
AuditContext context = auditService.getContext();
if (context != null) {
@@ -247,4 +247,14 @@ public class RemoteAuthFilter implements Filter {
@Override
public void destroy() {
}
+
+ // Add method to hash cache key
+ private String hashCacheKey(String key) {
+ return String.valueOf(key.hashCode());
+ }
+
+ // Change to package-private for testing
+ void setCachedSubject(String cacheKey, Subject subject) {
+ authenticationCache.put(hashCacheKey(cacheKey), subject);
+ }
}
\ No newline at end of file
diff --git
a/gateway-provider-security-authc-remote/src/test/java/org/apache/knox/gateway/filter/RemoteAuthFilterTest.java
b/gateway-provider-security-authc-remote/src/test/java/org/apache/knox/gateway/filter/RemoteAuthFilterTest.java
index 33242e55d..3d6679a35 100644
---
a/gateway-provider-security-authc-remote/src/test/java/org/apache/knox/gateway/filter/RemoteAuthFilterTest.java
+++
b/gateway-provider-security-authc-remote/src/test/java/org/apache/knox/gateway/filter/RemoteAuthFilterTest.java
@@ -160,7 +160,7 @@ public class RemoteAuthFilterTest {
// Add groups to the principal if available
Arrays.stream(groupNames.split(",")).forEach(groupName ->
subject.getPrincipals()
.add(new GroupPrincipal(groupName)));
- filter.authenticationCache.put(BEARER_VALID_TOKEN, subject);
+ filter.setCachedSubject(BEARER_VALID_TOKEN, subject);
EasyMock.expect(requestMock.getHeader("Authorization")).andReturn(BEARER_VALID_TOKEN).anyTimes();
EasyMock.expect(responseMock.getStatus()).andReturn(200).anyTimes();
