Philip Zampino created KNOX-2611: ------------------------------------ Summary: Token-based providers should cache unsuccessful signature verifications Key: KNOX-2611 URL: https://issues.apache.org/jira/browse/KNOX-2611 Project: Apache Knox Issue Type: Bug Components: Server Affects Versions: 1.6.0 Reporter: Philip Zampino
Similar to KNOX-2544, by which the token-base providers cache SUCCESSFUL signature verifications to avoid having to re-verify the same token repeatedly, this issue would add caching of UNSUCCESSFUL signature verifications toward the goal of preventing DOS-type attacks with "known bad" tokens. -- This message was sent by Atlassian Jira (v8.3.4#803005)