[jira] [Work logged] (KNOX-2544) Token-based providers should cache successful token verifications

Tue, 27 Apr 2021 11:53:08 -0700 


     [ 
https://issues.apache.org/jira/browse/KNOX-2544?focusedWorklogId=589956&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-589956
 ]

ASF GitHub Bot logged work on KNOX-2544:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 27/Apr/21 18:52
            Start Date: 27/Apr/21 18:52
    Worklog Time Spent: 10m 
      Work Description: pzampino opened a new pull request #440:
URL: https://github.com/apache/knox/pull/440


   …3rd-party) token verifications
   
   ## What changes were proposed in this pull request?
   
   This is a return to KNOX-2544 to address some shortcomings with the previous 
attempt. With these changes:
   - Third-party JWTs (any without the internal Knox UUID) are supported in the 
signature verification caching optimization.
   - The cache has been separated from the JWT providers, such that it can be 
shared by multiple instances of the same JWT provider associated with the a 
single topology. The caches are still topology specific; They're just no longer 
bound to a single JWT provider(i.e., filter) instance.
   
   ## How was this patch tested?
   
   - `mvn -Ppackage,release clean install`
   - Modified AbstractJWTFilterTest and HadoopAuthFilterTest
   - Added 
org.apache.knox.gateway.provider.federation.jwt.filter.SignatureVerificationCacheTest
   - Still performing manual testing, but wanted to get the review started.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]


Issue Time Tracking
-------------------

            Worklog Id:     (was: 589956)
    Remaining Estimate: 0h
            Time Spent: 10m

> Token-based providers should cache successful token verifications
> -----------------------------------------------------------------
>
>                 Key: KNOX-2544
>                 URL: https://issues.apache.org/jira/browse/KNOX-2544
>             Project: Apache Knox
>          Issue Type: Improvement
>          Components: Server
>    Affects Versions: 1.5.0
>            Reporter: Philip Zampino
>            Assignee: Philip Zampino
>            Priority: Major
>             Fix For: 1.6.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> The token-based providers should record the successful verification of tokens 
> in a LRU-like cache to minimize the frequency of performing the expensive 
> (CPU-intensive) operation.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to