[
https://issues.apache.org/jira/browse/FINERACT-2485?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18059257#comment-18059257
]
saifulhuq commented on FINERACT-2485:
-------------------------------------
Hi [~aleks] , thank you for the pointer to {*}FINERACT-2169{*}.
I reviewed the ticket, and I agree—a generic, system-wide approach is far
superior to patching individual modules (Savings/Loans) in isolation.
I will update my POC and GSoC proposal to align with the *FINERACT-2169*
architecture, focusing on a reusable idempotency mechanissm (likely via a core
filter/interceptor pattern) that can be adopted by any module.
I'll post a revised technical approach here shortly for feedback. Thanks for
steering this in the right direction.
> [GSoC 2026] [POC] Standardize and Harden Transaction Idempotency for Savings
> and Loans
> --------------------------------------------------------------------------------------
>
> Key: FINERACT-2485
> URL: https://issues.apache.org/jira/browse/FINERACT-2485
> Project: Apache Fineract
> Issue Type: Task
> Reporter: saifulhuq
> Priority: Major
> Labels: gsoc2026, poc, security
>
> *Goal:* Standardize idempotency enforcement to prevent replay attacks in core
> financial modules. *Implementation Strategy (Addressing James Dailey's
> feedback):*
> # *Opt-In Architecture:* New logic will be behind a Global Configuration
> flag. Default remains legacy behavior to ensure 100% backward compatibility.
> # *Phased Approach:* Audit existing {{m_portfolio_command_source}} usage and
> bridge gaps in the Savings module first.
> # *Testing:* Implementation of integration tests simulating network
> failures/retries.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
