[
https://issues.apache.org/jira/browse/KNOX-2646?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Attila Magyar resolved KNOX-2646.
---------------------------------
Resolution: Fixed
> The tokenLimitPerUser check doesn't always work.
> ------------------------------------------------
>
> Key: KNOX-2646
> URL: https://issues.apache.org/jira/browse/KNOX-2646
> Project: Apache Knox
> Issue Type: Task
> Reporter: Attila Magyar
> Assignee: Attila Magyar
> Priority: Major
> Time Spent: 1h 10m
> Remaining Estimate: 0h
>
> {code:java}
> if (tokenStateService.getTokens(p.getName()).size() == tokenLimitPerUser) {
> log.tokenLimitExceeded(p.getName());
> return Response.status(Response.Status.FORBIDDEN).entity("{ \"Unable to get
> token - token limit exceeded.\" }").build();
> }
> {code}
> We have an equality check when checking the max number of tokens per user.
> But if the user already have N number of tokens, and later the admin changes
> the gateway.knox.token.limit.per.user to a smaller number then this check
> will never trigger.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
