kirklund commented on a change in pull request #6804:
URL: https://github.com/apache/geode/pull/6804#discussion_r697024808
##########
File path:
geode-core/src/upgradeTest/java/org/apache/geode/security/AuthExpirationDUnitTest.java
##########
@@ -77,6 +79,54 @@ public void after() {
ExpirableSecurityManager.reset();
}
+ @Test
+ public void clientWithNoUserRefreshWillNotSucceed() throws Exception {
Review comment:
[Dale and I are reviewing this together]
What does the client not succeed at? Does this mean that a client without
some sort of refresh will fail authorized operations after it expires?
The old tests are:
* clientShouldReAuthenticateWhenCredentialExpiredAndOperationSucceed
* userShouldReAuthenticateWhenCredentialExpiredAndOperationSucceed
The new test is `clientWithNoUserRefreshWillNotSucceed`. Is there a
difference between `client` and `user`?
How does a client become non-refreshable? Is that the right description of
what a client is that cannot or does not become re-authenticated (as per the
names of the other two tests)?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
