You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Keith Wall (JIRA)" <ji...@apache.org> on 2018/07/17 10:24:00 UTC
[jira] [Commented] (QPID-8219) [Broker-J] Authentication results
are cached in SimpleLdap Authentication provider per connection basis
[ https://issues.apache.org/jira/browse/QPID-8219?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16546328#comment-16546328 ]
Keith Wall commented on QPID-8219:
----------------------------------
Wouldn't this problem also affect OAuth2AuthenticationProvider which IIRC uses the same scheme?
> [Broker-J] Authentication results are cached in SimpleLdap Authentication provider per connection basis
> -------------------------------------------------------------------------------------------------------
>
> Key: QPID-8219
> URL: https://issues.apache.org/jira/browse/QPID-8219
> Project: Qpid
> Issue Type: Bug
> Components: Broker-J
> Affects Versions: qpid-java-6.1.6, qpid-java-broker-7.0.3, qpid-java-broker-7.0.2, qpid-java-6.1, qpid-java-6.1.1, qpid-java-6.1.2, qpid-java-6.1.3, qpid-java-6.1.4, qpid-java-broker-7.0.0, qpid-java-6.1.5, qpid-java-broker-7.0.1, qpid-java-broker-7.0.4, qpid-java-broker-7.0.5, qpid-java-broker-7.0.6
> Reporter: Alex Rudyy
> Priority: Major
> Fix For: qpid-java-6.1.7, qpid-java-broker-7.1.0, qpid-java-broker-7.0.7
>
>
> SimpleLdap authentication provider was supposed to cache authentication results per remote host basis. Thus, when connections are made from the same host using the same credentials, the cached authentication results should be reused. The current caching approach takes into consideration an ephemeral port of the connection. As result, a new connection from the same host with the same credentials cannot reuse previous authentication results due to a different ephemeral port.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org