Re: [PR] ZOOKEEPER-4839: Clear user credentials when userName non-exist in sasl login module [zookeeper]

via GitHub Wed, 07 Aug 2024 02:32:44 -0700


kezhuw commented on code in PR #2176:
URL: https://github.com/apache/zookeeper/pull/2176#discussion_r1706693861



##########
zookeeper-server/src/main/java/org/apache/zookeeper/server/auth/SaslServerCallbackHandler.java:
##########
@@ -90,6 +90,11 @@ private void handleNameCallback(NameCallback nc) {
         // check to see if this user is in the user password database.
         if (credentials.get(nc.getDefaultName()) == null) {
             LOG.warn("User '{}' not found in list of DIGEST-MD5 
authenticateable users.", nc.getDefaultName());
+            // ZOOKEEPER-4839
+            // Incorrect usernames also need to be stored
+            // in order to clear the usernames of previously
+            // successfully logged-in users.
+            userName = nc.getDefaultName();

Review Comment:
   Sounds viable to me.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Re: [PR] ZOOKEEPER-4839: Clear user credentials when userName non-exist in sasl login module [zookeeper]

Reply via email to