You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2020/02/29 01:41:00 UTC
[jira] [Commented] (KNOX-2212) TokenStateService should fail
permissively
[ https://issues.apache.org/jira/browse/KNOX-2212?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17048109#comment-17048109 ]
ASF subversion and git services commented on KNOX-2212:
-------------------------------------------------------
Commit 04ec47e085d09326d8908d7b2c1ebecc28c9d8a9 in knox's branch refs/heads/master from Sandeep Moré
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=04ec47e ]
KNOX-2212 - Token permissiveness (#274)
> TokenStateService should fail permissively
> ------------------------------------------
>
> Key: KNOX-2212
> URL: https://issues.apache.org/jira/browse/KNOX-2212
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 1.4.0
> Reporter: Philip Zampino
> Assignee: Sandeep More
> Priority: Major
> Time Spent: 4h
> Remaining Estimate: 0h
>
> While unlikely, it's possible that the TokenStateService may be presented with a token, for which it has no state, but which can be verified as a valid (origin, expiration, etc...) token. In these cases, rather than rejecting the token for lack of server-managed state, the token's state should be recorded, and the associated operation permitted.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)