[ https://issues.apache.org/jira/browse/KNOX-2777?focusedWorklogId=794182&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-794182 ]
ASF GitHub Bot logged work on KNOX-2777: ---------------------------------------- Author: ASF GitHub Bot Created on: 22/Jul/22 11:24 Start Date: 22/Jul/22 11:24 Worklog Time Spent: 10m Work Description: zeroflag merged PR #608: URL: https://github.com/apache/knox/pull/608 Issue Time Tracking ------------------- Worklog Id: (was: 794182) Time Spent: 3h 10m (was: 3h) > Implement concurrent session verifier > ------------------------------------- > > Key: KNOX-2777 > URL: https://issues.apache.org/jira/browse/KNOX-2777 > Project: Apache Knox > Issue Type: Sub-task > Components: Server > Affects Versions: 2.0.0 > Reporter: Sandor Molnar > Assignee: Balazs Marton > Priority: Major > Fix For: 2.0.0 > > Time Spent: 3h 10m > Remaining Estimate: 0h > > The following needs to be implemented in the scope of this JIRA: > * we need 4 new Gateway-level configurations: > ** privileged user list (defaults to an empty collection) > ** non-privileged user list (defaults to an empty collection) > ** session limit for privileged users (defaults to 3) > ** session limit for non-privileged users (defaults to 2) > * if a session limit for any of the groups is set to a negative number, that > means the users in that group are allowed to have an unlimited number of > sessions > * In addition to the new configs, a verifier has to be implemented that > enforces the following business logic: if a user is listed in the > above-introduced privileged/non-privileged collection AND is about to pass a > configured session limit the verification should fail. The verification > should succeed if the given user is declared neither a privileged nor a > non-privileged user. > The new verifier implementation may be placed in the {{gateway-spi-common}} > project for now. -- This message was sent by Atlassian Jira (v8.20.10#820010)