[
https://issues.apache.org/jira/browse/KNOX-2377?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Philip Zampino updated KNOX-2377:
---------------------------------
Status: Patch Available (was: In Progress)
> Address potential loss of token state
> -------------------------------------
>
> Key: KNOX-2377
> URL: https://issues.apache.org/jira/browse/KNOX-2377
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 1.5.0
> Reporter: Philip Zampino
> Assignee: Philip Zampino
> Priority: Major
> Time Spent: 1h 10m
> Remaining Estimate: 0h
>
> With the recent performance enhancements associated with token state
> management (KNOX-2375), there has come the possibility of token state getting
> lost.
> Part of the performance improvement is removing the persistence of token
> state to the keystore (which is expensive) from the token request processing
> path, and performing that persistence in a background thread.
> It's possible that the gateway could crash or otherwise go down before the
> state of recently-issued tokens has been persisted to the keystore.
> Consequently, after the gateway is restarted, subsequent use of these "lost"
> tokens would result in client authentication failures because the tokens
> would be unknown to the TokenStateService.
> The TokenStateService needs to be able to recover from such scenarios to
> avoid the loss of token state.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
