[jira] [Work logged] (KNOX-2646) The tokenLimitPerUser check doesn't always work.

Tue, 24 Aug 2021 02:27:03 -0700 


     [ 
https://issues.apache.org/jira/browse/KNOX-2646?focusedWorklogId=641013&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-641013
 ]

ASF GitHub Bot logged work on KNOX-2646:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 24/Aug/21 09:26
            Start Date: 24/Aug/21 09:26
    Worklog Time Spent: 10m 
      Work Description: zeroflag opened a new pull request #484:
URL: https://github.com/apache/knox/pull/484


   ## What changes were proposed in this pull request?
   
   We have an equality check when checking the max number of tokens per user. 
But if the user already have N number of tokens, and later the admin changes 
the gateway.knox.token.limit.per.user to a smaller number then this check will 
never trigger.
   
   ## How was this patch tested?
   
   1. Having no limit and generating N tokens
   2. Changing gateway.knox.token.limit.per.user to a lower number than N and 
restarting the service
   3. Trying to generate one more token and getting a limit exception


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@knox.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

            Worklog Id:     (was: 641013)
    Remaining Estimate: 0h
            Time Spent: 10m

> The tokenLimitPerUser check doesn't always work.
> ------------------------------------------------
>
>                 Key: KNOX-2646
>                 URL: https://issues.apache.org/jira/browse/KNOX-2646
>             Project: Apache Knox
>          Issue Type: Task
>            Reporter: Attila Magyar
>            Assignee: Attila Magyar
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> {code:java}
> if (tokenStateService.getTokens(p.getName()).size() == tokenLimitPerUser) {
>   log.tokenLimitExceeded(p.getName());
>   return Response.status(Response.Status.FORBIDDEN).entity("{ \"Unable to get 
> token - token limit exceeded.\" }").build();
> }
>  {code}
> We have an equality check when checking the max number of tokens per user. 
> But if the user already have N number of tokens, and later the admin changes 
> the gateway.knox.token.limit.per.user to a smaller number then this check 
> will never trigger.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to