[jira] [Assigned] (KNOX-2969) For user-limit to fetch token calculation includes enabled and disabled SSO token count as well, causing failure in generating the JWT token from token gen page

Sandor Molnar (Jira) Wed, 18 Oct 2023 00:46:03 -0700


     [ 
https://issues.apache.org/jira/browse/KNOX-2969?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Sandor Molnar reassigned KNOX-2969:
-----------------------------------

    Assignee: Sandor Molnar

> For user-limit to fetch token calculation includes enabled and disabled SSO 
> token count as well, causing failure in generating the JWT token from token 
> gen page
> ----------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: KNOX-2969
>                 URL: https://issues.apache.org/jira/browse/KNOX-2969
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: TokenGenerationUI
>    Affects Versions: 2.1.0
>            Reporter: J.Andreina
>            Assignee: Sandor Molnar
>            Priority: Major
>         Attachments: image-2023-10-18-12-45-37-741.png, 
> image-2023-10-18-12-45-47-121.png, image-2023-10-18-12-46-28-490.png
>
>
> +*{color:#de350b}PROBLEM STATEMENT:\{color}*+
> For token limit on a user calculation includes enabled and disabled SSO token 
> as well, causing failure in generating the JWT token from token gen page
> +*BUILDS:*+
> 2.1.0
>  
> +*STEPS TO REPRODUCE:*+
>  # Deploy ycloud cluster with above gbn.
>  # Configure below from CM UI
>  # 
> knox.global.logout.page.url=[https://**********,|https://%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2C/]
>   knoxsso_cookie_management_enabled - enable 
> gateway.knox.token.management.users.can.see.all.tokens = hrt_qa, hrt_1 
>  # Access knox home page using hrt_22 user 
>  # Disable the hrt_22 SSO token from hrt_qa token management page
>  # Repeat operation 4-5 for 15 times 
>  # Now login to token generation page using hrt_22 user
>  # Generate the jwt token
> +*CURRENT BEHAVIOUR:*+
> Token generation fails saying user limit exceeded , though not even one 
> non-sso token is generated by hrt_22 user
> !image-2023-10-18-12-45-47-121.png|width=1129,height=344! 
> !image-2023-10-18-12-46-28-490.png|width=1009,height=285!
> +*EXPECTED BEHAVIOUR:*+
> SSO token should not be considered for per user limit to generate the token 
> calculation . 
> Even though we have 15+ SSO tokens (in enabled/disabled state) , user should 
> be able to generate 10 tokens as "gateway.knox.token.limit.per.user" default 
> value is 10
> +*OCCURRENCE:*+
> Reproducible
> +*IMPACT:*+
> If multiple SSO token for user is available then user will not be able to 
> generate jwt token from token generation page



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (KNOX-2969) For user-limit to fetch token calculation includes enabled and disabled SSO token count as well, causing failure in generating the JWT token from token gen page

Reply via email to