[
https://issues.apache.org/jira/browse/KNOX-2777?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandor Molnar reassigned KNOX-2777:
-----------------------------------
Assignee: Sandor Molnar
> Implement concurrent session verifier
> -------------------------------------
>
> Key: KNOX-2777
> URL: https://issues.apache.org/jira/browse/KNOX-2777
> Project: Apache Knox
> Issue Type: Sub-task
> Components: Server
> Affects Versions: 2.0.0
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Major
> Fix For: 2.0.0
>
> Time Spent: 2h 40m
> Remaining Estimate: 0h
>
> The following needs to be implemented in the scope of this JIRA:
> * we need 4 new Gateway-level configurations:
> ** privileged user list (defaults to an empty collection)
> ** non-privileged user list (defaults to an empty collection)
> ** session limit for privileged users (defaults to 3)
> ** session limit for non-privileged users (defaults to 2)
> * if a session limit for any of the groups is set to a negative number, that
> means the users in that group are allowed to have an unlimited number of
> sessions
> * In addition to the new configs, a verifier has to be implemented that
> enforces the following business logic: if a user is listed in the
> above-introduced privileged/non-privileged collection AND is about to pass a
> configured session limit the verification should fail. The verification
> should succeed if the given user is declared neither a privileged nor a
> non-privileged user.
> The new verifier implementation may be placed in the {{gateway-spi-common}}
> project for now.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
