[ https://issues.apache.org/jira/browse/GEODE-9457?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Owen Nichols closed GEODE-9457. ------------------------------- > Investigate the behavior of CQ when authentication expires. > ----------------------------------------------------------- > > Key: GEODE-9457 > URL: https://issues.apache.org/jira/browse/GEODE-9457 > Project: Geode > Issue Type: Sub-task > Components: core, security > Reporter: Jinmei Liao > Assignee: Jinmei Liao > Priority: Major > Labels: GeodeOperationAPI, pull-request-available > Fix For: 1.15.0 > > > To ensure CQ message delivery when a user expires, we need to: > # authorize the message when dispatching the message. > # catch the AuthExpiredException and send REAUTHENTICATE message to the > client > # The client gets that message and re-authenticate > # the message dispatcher will use the new subject to authorize the message > again and try deliver > # if client didn't re-authenticate back in a timely manner, the proxy should > close the connection > # make sure this also works in multi-user mode > To have the message dispatcher to use the newly updated user to authorize the > message, we need to be able to associate the new userId with the old userId. > This would require > 7: have the AuthenticateUserOp send the old userId if exists > make sure to include tests in multi-server cases -- This message was sent by Atlassian Jira (v8.20.7#820007)