[
https://issues.apache.org/jira/browse/KNOX-2233?focusedWorklogId=386203&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-386203
]
ASF GitHub Bot logged work on KNOX-2233:
----------------------------------------
Author: ASF GitHub Bot
Created on: 12/Feb/20 20:24
Start Date: 12/Feb/20 20:24
Worklog Time Spent: 10m
Work Description: pzampino commented on pull request #264: KNOX-2233 -
DefaultKeystoreService getCredentialForCluster uses cacheā¦
URL: https://github.com/apache/knox/pull/264#discussion_r378492834
##########
File path:
gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreService.java
##########
@@ -309,25 +309,30 @@ public void addCredentialForCluster(String clusterName,
String alias, String val
@Override
public char[] getCredentialForCluster(String clusterName, String alias)
throws KeystoreServiceException {
- char[] credential = checkCache(clusterName, alias);
- if (credential == null) {
- KeyStore ks = getCredentialStoreForCluster(clusterName);
- if (ks != null) {
- try {
- char[] masterSecret = masterService.getMasterSecret();
- Key credentialKey = ks.getKey( alias, masterSecret );
- if (credentialKey != null) {
- byte[] credentialBytes = credentialKey.getEncoded();
- String credentialString = new String( credentialBytes,
StandardCharsets.UTF_8 );
- credential = credentialString.toCharArray();
- addToCache(clusterName, alias, credentialString);
+ char[] credential;
+
+ synchronized (this) {
Review comment:
The intention here is to complete the existing synchronization pattern. More
drastic changes merit a separate JIRA IMO.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 386203)
Time Spent: 0.5h (was: 20m)
> DefaultKeystoreService getCredentialForCluster uses cache without
> synchronization
> ---------------------------------------------------------------------------------
>
> Key: KNOX-2233
> URL: https://issues.apache.org/jira/browse/KNOX-2233
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 1.4.0
> Reporter: Philip Zampino
> Assignee: Philip Zampino
> Priority: Major
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> The getCredentialForCluster(String, String) method of DefaultKeystoreService
> invokes checkCache(String, String) and addToCache(String, String) without any
> synchronization, despite the comments on those methods indicating that they
> are only called within critical sections of other methods. This method should
> be synchronized similar to what is done for the
> addCredentialForCluster(String, String, String) and
> removeCredentialForCluster(String, String) method implementations therein.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
