[jira] [Updated] (SSHD-300) Double public key authentication

[David Ostrovsky (JIRA)]

     [ 
https://issues.apache.org/jira/browse/SSHD-300?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

David Ostrovsky updated SSHD-300:
---------------------------------

    Description: 
PublickeyAuthenticator.authenticate() method is called twice, even though the 
first call of this method already authenticated the user and returned true.

This is a preformance issue, as server may need to hit database/caches to 
retrieve the list of  public key(s) for the user to preform the check against.

Or the authenticate() implementation needs to be adjusted to preform the check 
that the user was alreay authenticated.

Reproducer patch is attaced. The problem only occurs when the test is called 
from open SSH client. Own SSHD's client works as expected.

To reproduce, start the attached unit test as Java application, and issue the 
command:

  ssh localhost -p 29418 -l joe


  

  was:
PublickeyAuthenticator.authenticate() method is called twice, even though the 
first call of this method already authenticated the user and returned true.

This is apreformance issue, as server may need to hit database/caches to 
retrieve the list of  public key(s) for the user to preform the check against.

Or the authenticate() method implementation needs to be adjusted preform the 
check that the user was alreay authenticated.

Reproducer patch is attaced. The problem only occurs when the test is called 
from open SSH client. Own SSHD's client works as expected.

To reproduce, start the attached unit test as Java application, and issue the 
command:

  ssh localhost -p 29418 -l joe


  


> Double public key authentication
> --------------------------------
>
>                 Key: SSHD-300
>                 URL: https://issues.apache.org/jira/browse/SSHD-300
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 0.10.1
>            Reporter: David Ostrovsky
>            Priority: Minor
>
> PublickeyAuthenticator.authenticate() method is called twice, even though the 
> first call of this method already authenticated the user and returned true.
> This is a preformance issue, as server may need to hit database/caches to 
> retrieve the list of  public key(s) for the user to preform the check against.
> Or the authenticate() implementation needs to be adjusted to preform the 
> check that the user was alreay authenticated.
> Reproducer patch is attaced. The problem only occurs when the test is called 
> from open SSH client. Own SSHD's client works as expected.
> To reproduce, start the attached unit test as Java application, and issue the 
> command:
>   ssh localhost -p 29418 -l joe
>   



--
This message was sent by Atlassian JIRA
(v6.2#6252)