[
https://issues.apache.org/jira/browse/SSHD-300?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13936157#comment-13936157
]
David Ostrovsky commented on SSHD-300:
--------------------------------------
Uploaded a patch with naive attemt to fix it.
> Double public key authentication
> --------------------------------
>
> Key: SSHD-300
> URL: https://issues.apache.org/jira/browse/SSHD-300
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 0.10.1
> Reporter: David Ostrovsky
> Priority: Minor
> Attachments: 0001-Prevent-double-public-key-authentication.patch
>
>
> PublickeyAuthenticator.authenticate() method is called twice, even though the
> first call of this method already authenticated the user and returned true.
> This is a preformance issue, as server may need to hit database/caches to
> retrieve the list of public key(s) for the user to preform the check against.
> Or the authenticate() implementation needs to be adjusted to preform the
> check that the user was alreay authenticated.
> Reproducer patch is attaced. The problem only occurs when the test is called
> from open SSH client. Own SSHD's client works as expected.
> To reproduce, start the attached unit test as Java application, and issue the
> command:
> ssh localhost -p 29418 -l joe
> [1] https://gerrit-review.googlesource.com/55193
>
--
This message was sent by Atlassian JIRA
(v6.2#6252)
