smolnar82 opened a new pull request #490: URL: https://github.com/apache/knox/pull/490
## What changes were proposed in this pull request? As described in the JIRA; in-memory lookup is skipped in JDBC token state service while fetching token expiration or metadata. Instead, we go directly to the DB in this implementation. Since those queries are simple (there is no table join involved) and they rely on indexed columns the is no significant performance issue. ## How was this patch tested? Updated JUnit test cases and repeated the same steps as described in the JIRA. With my fix, the disabled authentication request fails on node 2 like this: ``` $ curl -ku Passcode:WXpVNVlUZGlNRGt0WWpFMk5TMDBZamxsTFRobVpEY3ROV0psWW1WbE1EVTRZakF4OjpOVFptWW1VNVlXVXROelppTVMwME5URmhMVGcxWXpRdFl6Z3hNVEUwTmpkak5XUTA= https://localhost:8444/gateway/tokenbased/webhdfs/v1?op=LISTSTATUS <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/> <title>Error 401 Token c59a7b09...5bebee058b01 is disabled</title> </head> <body><h2>HTTP ERROR 401 Token c59a7b09...5bebee058b01 is disabled</h2> <table> <tr><th>URI:</th><td>/gateway/tokenbased/webhdfs/v1</td></tr> <tr><th>STATUS:</th><td>401</td></tr> <tr><th>MESSAGE:</th><td>Token c59a7b09...5bebee058b01 is disabled</td></tr> <tr><th>SERVLET:</th><td>tokenbased-knox-gateway-servlet</td></tr> </table> </body> </html> ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
