Sandor Molnar created KNOX-2551:
-----------------------------------
Summary: Token state management improvements
Key: KNOX-2551
URL: https://issues.apache.org/jira/browse/KNOX-2551
Project: Apache Knox
Issue Type: Improvement
Components: Server
Affects Versions: 1.5.0
Reporter: Sandor Molnar
Assignee: Sandor Molnar
In this Jira a bunch of token management improvements is added:
* AliasBasedTokenStateService is the default token state service implementation
* Fixing parameter index in various token related log messages
* Knox Token related aliases are stored under
{{/knox/security/topology/__gateway/tokens}}
* Addressing the side effects of optimistic replication in Knox HA mode using
the ZK token state service
* Avoid removing --max aliases from the unpersisted in-memory collection
* ZK token state service performance improvements
** ZK token state service should configure ZKRemoteAliasService to not use
local keystore
** ZK token state service should implement {{loadTokensFromPersistenceStore}}
to avoid keystore lookup from the parent; it actually should do nothing as ZK
entry change listeners populate in-memory collections in
DefaultTokenStateService
** token eviction should run independently of
{{loadTokensFromPersistenceStore}} (not like in AliasBasedTokenStateService as
we no longer need to consider the global keystore locking in
{{DefaultKeystoreService}})
* Fixing {{addAlias}} in {{ZKRemoteAliasService}} to support saving updated
data for already existing aliases
* The token persister thread should be monitored and re-initiated n case an
error occurrs during task execution
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
