You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ignite.apache.org by "Semen Boikov (JIRA)" <ji...@apache.org> on 2015/12/14 12:10:46 UTC

[jira] [Updated] (IGNITE-1887) REST-HTTP change queryId generation from sequence to random.

     [ https://issues.apache.org/jira/browse/IGNITE-1887?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Semen Boikov updated IGNITE-1887:
---------------------------------
    Fix Version/s:     (was: 1.5)
                   1.6

> REST-HTTP change queryId generation from sequence to random.
> ------------------------------------------------------------
>
>                 Key: IGNITE-1887
>                 URL: https://issues.apache.org/jira/browse/IGNITE-1887
>             Project: Ignite
>          Issue Type: Bug
>            Reporter: Andrey Novikov
>            Assignee: Semen Boikov
>            Priority: Minor
>             Fix For: 1.6
>
>
> First problem:
>  1. client1 execute query and get queryId = 1.
>  2. node where query was executed is restarted (queryId generator
> initialized to zero).
>  3. client2 execute some query and also get queryId=1.
>  4. client1 fetch next page for queryId=1 and GETS results of client2.
> Second problem:
>  As queryId is generated sequentially it is very easy to brute force and
> some client could get data of other clients too easy.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)