[jira] [Work started] (KNOX-2611) Token-based providers should cache unsuccessful signature verifications

Philip Zampino (Jira) Thu, 03 Jun 2021 08:32:01 -0700


     [ 
https://issues.apache.org/jira/browse/KNOX-2611?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Work on KNOX-2611 started by Philip Zampino.
--------------------------------------------
> Token-based providers should cache unsuccessful signature verifications
> -----------------------------------------------------------------------
>
>                 Key: KNOX-2611
>                 URL: https://issues.apache.org/jira/browse/KNOX-2611
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Server
>    Affects Versions: 1.6.0
>            Reporter: Philip Zampino
>            Assignee: Philip Zampino
>            Priority: Major
>
> Similar to KNOX-2544, by which the token-base providers cache SUCCESSFUL 
> signature verifications to avoid having to re-verify the same token 
> repeatedly, this issue would add caching of UNSUCCESSFUL signature 
> verifications toward the goal of preventing DOS-type attacks with "known bad" 
> tokens.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Work started] (KNOX-2611) Token-based providers should cache unsuccessful signature verifications

Reply via email to