potiuk commented on PR #23:
URL: https://github.com/apache/comdev/pull/23#issuecomment-4896001668

   > Are you saying that the user permissions are rechecked each time the token 
is used?
   
   Technically speaking - it's checked every time in ES. I did not touch Oauth 
Provider - and Oauth Provider stores the sessions in ES. This is the 
authoritative source of "user access" in PonyMail. And unlike the sssion id 
from PonyMail - ES is read with every request (enabling cache might limit that 
at the expense of caching the session) locally. It uses basicaly the same 
mechanism that "cookie" login uses for ES. 
   
   Hower - that triggered me to go deeper and I see the issue now. I  see when 
the user auth in ES is stored - and I see now the limitation of ES not being 
able to refresh this data without the login - I see that ES does not store long 
term refresh tokens and does not refresh the authorization in the backround - I 
was quite sure it does.  This makes it clear why we have 20 hour per-session 
timeout in ASF - instead of 7 days, because it also means that if user's 
permissions are changed, they are also not reflected in Pony Mail unil the 
session expires. I guess 20 hours is a reasonable trade-off made by Infra
   
   So .. Yeah.. Unfortunately the approach would ilnot work to refresh changes 
without user interaction.
   
   Thanks for making me dig deeper - that helped me to see a flaw in the 
"refresh" mechanism. And yeah, I think it makes sense for PonyMail to implement 
the ASFQuart interface - I see that  ASF Quart uses directly LDAP access to 
refresh that data. 
   
   Good discussion thanks. Then yeah I think I will just close it - the 
permission refresh is a feature that indeed is quite an important feature and 
it would require always to communicate to PonyMail to invalidate token to 
remove it - which I guess is too brittle and it makes no sense to do it. 
   
   Fair. Thanks for the questions - it was a good discussion and alowed me to 
understand better internal PonyMail architecture :).


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to