[GitHub] [geode] jinmeiliao commented on a change in pull request #7063: GEODE-9746: do not logout old subjects immediately when we get a new subject for the same uniqueId

Tue, 02 Nov 2021 15:38:14 -0700 


jinmeiliao commented on a change in pull request #7063:
URL: https://github.com/apache/geode/pull/7063#discussion_r741509801



##########
File path: 
geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ClientUserAuths.java
##########
@@ -16,29 +16,44 @@
 
 import static 
org.apache.geode.cache.client.internal.AuthenticateUserOp.NOT_A_USER_ID;
 
+import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
+import java.util.List;
 import java.util.Map;
 import java.util.Random;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentMap;
+import java.util.stream.Collectors;
 
 import org.apache.logging.log4j.Logger;
 import org.apache.shiro.subject.Subject;
+import org.jetbrains.annotations.NotNull;
+import org.jetbrains.annotations.TestOnly;
 
 import org.apache.geode.annotations.VisibleForTesting;
 import org.apache.geode.internal.security.AuthorizeRequest;
 import org.apache.geode.internal.security.AuthorizeRequestPP;
 import org.apache.geode.logging.internal.log4j.api.LogService;
 
+/**
+ * This is per ServerConnection or per CacheClientProxy, corresponding to only 
one client
+ * connection.
+ * Credentials should usually be just one, only multiple in multi-user case.
+ */
 public class ClientUserAuths {
   private static final Logger logger = LogService.getLogger();
 
   private final ConcurrentMap<Long, UserAuthAttributes> uniqueIdVsUserAuth =
       new ConcurrentHashMap<>();
   private final ConcurrentMap<String, UserAuthAttributes> cqNameVsUserAuth =
       new ConcurrentHashMap<>();
-  private final ConcurrentMap<Long, Subject> uniqueIdVsSubject = new 
ConcurrentHashMap<>();
+  // use a list to store all the subjects that's created for this uniqueId
+  // In the expirable credential case, there will be multiple
+  // subjects created associated with one uniqueId. We always save the current 
subject to the top of
+  // the list. The rest are "to-be-retired".
+  private final ConcurrentMap<Long, List<Subject>> uniqueIdVsSubject =

Review comment:
       done

##########
File path: 
geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ClientUserAuths.java
##########
@@ -90,28 +120,29 @@ public UserAuthAttributes getUserAuthAttributes(final Long 
userId) {
   }
 
   @VisibleForTesting
+  @TestOnly
   protected Collection<Subject> getSubjects() {

Review comment:
       done




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to