[
https://issues.apache.org/jira/browse/KNOX-524?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14382548#comment-14382548
]
Sumit Gupta commented on KNOX-524:
----------------------------------
The commit contains the following changes:
1. The default key for the authentication cache in Shiro's LDAP realm
implementation is just the principal name. This allows for someone to log in
with a user name and a bogus password once that user name has successfully
authenticated and the info has been cached. The key for the authentication
cache is now a combination of the hashes of user name and password.
2. The group information for a user was being cached only in Session. This left
out users that did not pass back the session id to get that cached information.
The group information is now also put in Shiro's PrincipalCollection. This
information is still also put in Session for backwards compatibility.
3. A new template has been added to demonstrate the caching settings for
authentication.
> Support LDAP authentication caching
> -----------------------------------
>
> Key: KNOX-524
> URL: https://issues.apache.org/jira/browse/KNOX-524
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 0.6.0
> Reporter: Sumit Gupta
> Assignee: Sumit Gupta
> Fix For: 0.6.0
>
>
> Add support for caching LDAP authentication information in Knox without
> requiring the client to maintain a session with Knox.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
