Alexey Serbin created KUDU-3178:
-----------------------------------

             Summary: Terminate connections which have been open for longer than authn token expiration period
                 Key: KUDU-3178
                 URL: https://issues.apache.org/jira/browse/KUDU-3178
             Project: Kudu
          Issue Type: Improvement
          Components: master, security, tserver
            Reporter: Alexey Serbin


A Kudu client can open a connection to {{kudu-master}} or {{kudu-tserver}} and 
keep that connection open indefinitely by issuing some method at least once 
every {{--rpc_default_keepalive_time_ms}} interval (e.g., call {{Ping()}} 
method).  This means there isn't a limit on how long a client can have access 
to the cluster once it's authenticated, unless {{kudu-master}} and {{kudu-tserver}} 
processes are restarted.  When fine-grained authorization is enforced, this 
issue is really benign because such lingering clients are unable to call any 
methods that require an authz token to be provided.

It would be nice to address this by providing an option to terminate 
connections which were established a long time ago.  Both the interval of the 
maximum connection lifetime and whether to terminate over-the-TTL connections 
should be controlled by flags.



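The gap described in the issue, as an added sketch that is not Kudu code and not part of the original message: an idle-timeout check alone never closes a connection that is pinged within the keepalive interval, while an age check does. The names `ReaperConfig`, `max_lifetime_ms` and `enforce_max_lifetime` are hypothetical stand-ins for the two proposed flags, and all numeric values are constructed.

```cpp
#include <cstdint>
#include <iostream>
#include <string>

// Hypothetical settings. Only keepalive_ms mirrors a flag named in the issue
// (--rpc_default_keepalive_time_ms); the other two stand in for the proposed flags.
struct ReaperConfig {
  int64_t keepalive_ms;       // idle timeout: close if no call for this long
  int64_t max_lifetime_ms;    // hypothetical: maximum age of a connection
  bool enforce_max_lifetime;  // hypothetical: whether over-the-TTL connections are closed
};

struct Conn {
  std::string peer;
  int64_t established_ms;    // set once, when the connection is negotiated
  int64_t last_activity_ms;  // refreshed by every inbound call, Ping() included
};

enum class Verdict { kKeep, kIdle, kOverTtl };

// Decide what a periodic reaper pass would do with one connection.
Verdict Evaluate(const Conn& c, const ReaperConfig& cfg, int64_t now_ms) {
  // Age is measured from establishment, so activity cannot extend it.
  if (cfg.enforce_max_lifetime && now_ms - c.established_ms >= cfg.max_lifetime_ms)
    return Verdict::kOverTtl;
  if (now_ms - c.last_activity_ms >= cfg.keepalive_ms) return Verdict::kIdle;
  return Verdict::kKeep;
}

// Simulate a client that calls Ping() every ping_ms, with a reaper pass just
// before each call. Returns the time the connection is closed, or -1 if it is
// still open at horizon_ms.
int64_t SimulatePinger(const ReaperConfig& cfg, int64_t ping_ms, int64_t horizon_ms) {
  Conn c{"constructed-client", 0, 0};
  for (int64_t now = ping_ms; now <= horizon_ms; now += ping_ms) {
    if (Evaluate(c, cfg, now) != Verdict::kKeep) return now;
    c.last_activity_ms = now;  // the ping resets the idle timer only
  }
  return -1;
}

int main() {
  const int64_t day = 86400000;  // constructed horizon: 24 hours
  std::cout << "idle check only: "
            << SimulatePinger(ReaperConfig{65000, 3600000, false}, 30000, day) << "\n"
            << "with max lifetime: "
            << SimulatePinger(ReaperConfig{65000, 3600000, true}, 30000, day) << "\n";
  return 0;
}
```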