Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

KNOX-2969 - KnoxSSO Cookies should be ignored while calculating token limit per user #805

Merged
merged 1 commit into from
Oct 18, 2023

Conversation

smolnar82
Copy link
Contributor

What changes were proposed in this pull request?

Modified the logic used for calculating the token limit per user in a way such that it ignores the previously generated KnoxSSO cookies. That is, a user can have as many KnoxSSO cookies as they want, but regular tokens are still limited.

How was this patch tested?

Updated JUnit tests and executed manual testing:

  1. Kept the default token limit per user = 10
  2. I had three different sessions in different browsers as the admin user
  3. Disabled one session
  4. In one of the remaining sessions generated 10 tokens successfully (please note even the 8th, 9th, and 10th tokens were generated despite the fact I already had 3 KnoxSSO tokens for the same user)
  5. The 11th token generation failed as expected
Screenshot 2023-10-18 at 13 24 10 Screenshot 2023-10-18 at 13 24 21 Screenshot 2023-10-18 at 13 24 31

@smolnar82 smolnar82 self-assigned this Oct 18, 2023
@smolnar82 smolnar82 merged commit eef24f4 into apache:master Oct 18, 2023
2 checks passed
@smolnar82 smolnar82 deleted the KNOX-2969 branch October 18, 2023 14:44
stoty pushed a commit to stoty/knox that referenced this pull request May 14, 2024
…ating token limit per user (apache#805)

Change-Id: I7248ef2da620b2bdd81223d83d3a14acf5ee7deb
stoty pushed a commit to stoty/knox that referenced this pull request May 14, 2024
…into cdpd-master

* changes:
  CDPD-62588, KNOX-2972: Session resource can generate application logout URL with profile/topologies query parameters (apache#808)
  CDPD-62595, KNOX-2970: Removing KnoxSSO cookie from the token state service upon logout (apache#806)
  CDPD-62598, KNOX-2971: Applying word wrapping in the comment and metadata columns on the Token Management UI (apache#807)
  CDPD-62592, KNOX-2969: KnoxSSO Cookies should be ignored while calculating token limit per user (apache#805)
  CDPD-62585, KNOX-2968: Batch token enable action should succeed even if enabled KnoxSSO cookies are selected (apache#804)
  CDPD-61809, KNOX-2961: Knox SSO cookie Invalidation - Phase II (apache#799)
  CDPD-61184, KNOX-2961: Knox SSO cookie Invalidation - Phase I (apache#797)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants