[
https://issues.apache.org/jira/browse/KNOX-2377?focusedWorklogId=444891&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-444891
]
ASF GitHub Bot logged work on KNOX-2377:
----------------------------------------
Author: ASF GitHub Bot
Created on: 12/Jun/20 13:55
Start Date: 12/Jun/20 13:55
Worklog Time Spent: 10m
Work Description: pzampino commented on a change in pull request #345:
URL: https://github.com/apache/knox/pull/345#discussion_r439433286
##########
File path:
gateway-server/src/main/java/org/apache/knox/gateway/services/token/impl/JournalEntry.java
##########
@@ -0,0 +1,29 @@
+/*
+ *
+ * * Licensed to the Apache Software Foundation (ASF) under one or more
+ * * contributor license agreements. See the NOTICE file distributed with this
+ * * work for additional information regarding copyright ownership. The ASF
+ * * licenses this file to you under the Apache License, Version 2.0 (the
+ * * "License"); you may not use this file except in compliance with the
License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * * License for the specific language governing permissions and limitations
under
+ * * the License.
+ *
+ */
+package org.apache.knox.gateway.services.token.impl;
+
+public interface JournalEntry {
+ String getTokenId();
+
+ String getIssueTime();
+
+ String getExpiration();
+
+ String getMaxLifetime();
Review comment:
Agreed.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 444891)
Time Spent: 40m (was: 0.5h)
> Address potential loss of token state
> -------------------------------------
>
> Key: KNOX-2377
> URL: https://issues.apache.org/jira/browse/KNOX-2377
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 1.5.0
> Reporter: Philip Zampino
> Assignee: Philip Zampino
> Priority: Major
> Time Spent: 40m
> Remaining Estimate: 0h
>
> With the recent performance enhancements associated with token state
> management (KNOX-2375), there has come the possibility of token state getting
> lost.
> Part of the performance improvement is removing the persistence of token
> state to the keystore (which is expensive) from the token request processing
> path, and performing that persistence in a background thread.
> It's possible that the gateway could crash or otherwise go down before the
> state of recently-issued tokens has been persisted to the keystore.
> Consequently, after the gateway is restarted, subsequent use of these "lost"
> tokens would result in client authentication failures because the tokens
> would be unknown to the TokenStateService.
> The TokenStateService needs to be able to recover from such scenarios to
> avoid the loss of token state.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
