You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Philip Zampino (Jira)" <ji...@apache.org> on 2020/01/30 15:15:00 UTC

[jira] [Created] (KNOX-2212) TokenStateService should fail permissively

Philip Zampino created KNOX-2212:
------------------------------------

             Summary: TokenStateService should fail permissively
                 Key: KNOX-2212
                 URL: https://issues.apache.org/jira/browse/KNOX-2212
             Project: Apache Knox
          Issue Type: Bug
          Components: Server
    Affects Versions: 1.4.0
            Reporter: Philip Zampino
            Assignee: Philip Zampino


While unlikely, it's possible that the TokenStateService may be presented with a token, for which it has no state, but which can be verified as a valid (origin, expiration, etc...) token. In these cases, rather than rejecting the token for lack of server-managed state, the token's state should be recorded, and the associated operation permitted.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)