You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Philip Zampino (Jira)" <ji...@apache.org> on 2021/06/03 15:31:00 UTC
[jira] [Assigned] (KNOX-2611) Token-based providers should cache
unsuccessful signature verifications
[ https://issues.apache.org/jira/browse/KNOX-2611?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Philip Zampino reassigned KNOX-2611:
------------------------------------
Assignee: Philip Zampino
> Token-based providers should cache unsuccessful signature verifications
> -----------------------------------------------------------------------
>
> Key: KNOX-2611
> URL: https://issues.apache.org/jira/browse/KNOX-2611
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 1.6.0
> Reporter: Philip Zampino
> Assignee: Philip Zampino
> Priority: Major
>
> Similar to KNOX-2544, by which the token-base providers cache SUCCESSFUL signature verifications to avoid having to re-verify the same token repeatedly, this issue would add caching of UNSUCCESSFUL signature verifications toward the goal of preventing DOS-type attacks with "known bad" tokens.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)