You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Attila Magyar (Jira)" <ji...@apache.org> on 2021/08/24 09:10:00 UTC

[jira] [Created] (KNOX-2646) The tokenLimitPerUser check doesn't always work.

Attila Magyar created KNOX-2646:
-----------------------------------

             Summary: The tokenLimitPerUser check doesn't always work.
                 Key: KNOX-2646
                 URL: https://issues.apache.org/jira/browse/KNOX-2646
             Project: Apache Knox
          Issue Type: Task
            Reporter: Attila Magyar
            Assignee: Attila Magyar


{code:java}
if (tokenStateService.getTokens(p.getName()).size() == tokenLimitPerUser) {
  log.tokenLimitExceeded(p.getName());
  return Response.status(Response.Status.FORBIDDEN).entity("{ \"Unable to get token - token limit exceeded.\" }").build();
}
 {code}
We have an equality check when checking the max number of tokens per user. But if the user already have N number of tokens, and later the admin changes the gateway.knox.token.limit.per.user to a smaller number then this check will never trigger.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)