[jira] [Work logged] (KNOX-2778) Enforce concurrent session limit in KnoxSSO

[ASF GitHub Bot (Jira)]

     [ 
https://issues.apache.org/jira/browse/KNOX-2778?focusedWorklogId=798828&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-798828
 ]

ASF GitHub Bot logged work on KNOX-2778:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 08/Aug/22 08:51
            Start Date: 08/Aug/22 08:51
    Worklog Time Spent: 10m 
      Work Description: zeroflag commented on code in PR #615:
URL: https://github.com/apache/knox/pull/615#discussion_r939989584


##########
gateway-server/src/test/java/org/apache/knox/gateway/session/control/ConcurrentSessionVerifierTest.java:
##########
@@ -106,25 +110,25 @@ public void userIsNotPrivileged() {
   }
 
   @Test
-  public void privilegedLimitIsZero() {
+  public void privilegedLimitIsZero() throws ServiceLifecycleException {
     GatewayConfig config = mockConfig(new HashSet<>(Arrays.asList("admin")), 
new HashSet<>(Arrays.asList("tom", "guest")), 0, 2);
-    verifier.init(config);
+    verifier.init(config, options);
 
     Assert.assertFalse(verifier.verifySessionForUser("admin"));
   }
 
   @Test
-  public void nonPrivilegedLimitIsZero() {
+  public void nonPrivilegedLimitIsZero() throws ServiceLifecycleException {
     GatewayConfig config = mockConfig(new HashSet<>(Arrays.asList("admin")), 
new HashSet<>(Arrays.asList("tom", "guest")), 3, 0);
-    verifier.init(config);
+    verifier.init(config, options);
 
     Assert.assertFalse(verifier.verifySessionForUser("tom"));
   }
 
   @Test
-  public void sessionsDoNotGoToNegative() {
+  public void sessionsDoNotGoToNegative() throws ServiceLifecycleException {
     GatewayConfig config = mockConfig(new HashSet<>(Arrays.asList("admin")), 
new HashSet<>(Arrays.asList("tom", "guest")), 2, 2);
-    verifier.init(config);
+    verifier.init(config, options);
 
     Assert.assertNull(verifier.getUserConcurrentSessionCount("admin"));

Review Comment:
   As far as I remember, It was related to removing the session info from the 
map altogether so that it won't take any space in the Map when the counter goes 
zero, isn't it? 





Issue Time Tracking
-------------------

    Worklog Id:     (was: 798828)
    Time Spent: 3h 10m  (was: 3h)

> Enforce concurrent session limit in KnoxSSO
> -------------------------------------------
>
>                 Key: KNOX-2778
>                 URL: https://issues.apache.org/jira/browse/KNOX-2778
>             Project: Apache Knox
>          Issue Type: Sub-task
>          Components: Server
>    Affects Versions: 2.0.0
>            Reporter: Sandor Molnar
>            Assignee: Balazs Marton
>            Priority: Major
>             Fix For: 2.0.0
>
>          Time Spent: 3h 10m
>  Remaining Estimate: 0h
>
> Once, KNOX-2777 is ready, the next step is to wire that verifier 
> implementation into the KnoxSSO flow such as it throws an authorization error 
> (FORBIDDEN; 403) when a user tries to log in to UIs (both Knox's own UIs or 
> UIs proxied by Knox) but that user exceeds the configured concurrent session 
> limit.
> Basic logout handling should be covered too:
>  * manually clicking on the logout button
>  * subscribing to a session timeout event (you may want to talk to [~smore] 
> about this)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)