[
https://issues.apache.org/jira/browse/KNOX-2777?focusedWorklogId=794182&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-794182
]
ASF GitHub Bot logged work on KNOX-2777:
----------------------------------------
Author: ASF GitHub Bot
Created on: 22/Jul/22 11:24
Start Date: 22/Jul/22 11:24
Worklog Time Spent: 10m
Work Description: zeroflag merged PR #608:
URL: https://github.com/apache/knox/pull/608
Issue Time Tracking
-------------------
Worklog Id: (was: 794182)
Time Spent: 3h 10m (was: 3h)
> Implement concurrent session verifier
> -------------------------------------
>
> Key: KNOX-2777
> URL: https://issues.apache.org/jira/browse/KNOX-2777
> Project: Apache Knox
> Issue Type: Sub-task
> Components: Server
> Affects Versions: 2.0.0
> Reporter: Sandor Molnar
> Assignee: Balazs Marton
> Priority: Major
> Fix For: 2.0.0
>
> Time Spent: 3h 10m
> Remaining Estimate: 0h
>
> The following needs to be implemented in the scope of this JIRA:
> * we need 4 new Gateway-level configurations:
> ** privileged user list (defaults to an empty collection)
> ** non-privileged user list (defaults to an empty collection)
> ** session limit for privileged users (defaults to 3)
> ** session limit for non-privileged users (defaults to 2)
> * if a session limit for any of the groups is set to a negative number, that
> means the users in that group are allowed to have an unlimited number of
> sessions
> * In addition to the new configs, a verifier has to be implemented that
> enforces the following business logic: if a user is listed in the
> above-introduced privileged/non-privileged collection AND is about to pass a
> configured session limit the verification should fail. The verification
> should succeed if the given user is declared neither a privileged nor a
> non-privileged user.
> The new verifier implementation may be placed in the {{gateway-spi-common}}
> project for now.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
