[
https://issues.apache.org/jira/browse/QPID-8219?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16546436#comment-16546436
]
Alex Rudyy commented on QPID-8219:
----------------------------------
Keith,
You are right both SimpleLdap and OAUTH2 authentication providers are affected
by the defect. I corrected JIRA title and description to reflect that.
> [Broker-J] Authentication results are cached in SimpleLdap and OAUTH2
> authentication providers per connection basis
> -------------------------------------------------------------------------------------------------------------------
>
> Key: QPID-8219
> URL: https://issues.apache.org/jira/browse/QPID-8219
> Project: Qpid
> Issue Type: Bug
> Components: Broker-J
> Affects Versions: qpid-java-6.1.6, qpid-java-broker-7.0.3,
> qpid-java-broker-7.0.2, qpid-java-6.1, qpid-java-6.1.1, qpid-java-6.1.2,
> qpid-java-6.1.3, qpid-java-6.1.4, qpid-java-broker-7.0.0, qpid-java-6.1.5,
> qpid-java-broker-7.0.1, qpid-java-broker-7.0.4, qpid-java-broker-7.0.5,
> qpid-java-broker-7.0.6
> Reporter: Alex Rudyy
> Priority: Major
> Fix For: qpid-java-6.1.7, qpid-java-broker-7.1.0,
> qpid-java-broker-7.0.7
>
>
> SimpleLdap and OAUTH2 authentication providers were supposed to cache
> authentication results per remote host basis. Thus, when connections are made
> from the same host using the same credentials, the cached authentication
> result should be reused. The current caching approach takes into
> consideration an ephemeral port of the connection. As result, a new
> connection from the same host with the same credentials cannot reuse previous
> authentication result due to a different ephemeral port.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
