mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Guillaume Nodet (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SSHD-300) Double public key authentication
Date Sat, 15 Mar 2014 10:39:43 GMT

    [ https://issues.apache.org/jira/browse/SSHD-300?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13936129#comment-13936129
] 

Guillaume Nodet commented on SSHD-300:
--------------------------------------

Note that when I mean caching, it's only for a given session, and all calls are consecutive,
so it should be quite safe.

> Double public key authentication
> --------------------------------
>
>                 Key: SSHD-300
>                 URL: https://issues.apache.org/jira/browse/SSHD-300
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 0.10.1
>            Reporter: David Ostrovsky
>            Priority: Minor
>         Attachments: 0001-Add-single-public-key-auth-unit-test.patch
>
>
> PublickeyAuthenticator.authenticate() method is called twice, even though the first call
of this method already authenticated the user and returned true.
> This is a preformance issue, as server may need to hit database/caches to retrieve the
list of  public key(s) for the user to preform the check against.
> Or the authenticate() implementation needs to be adjusted to preform the check that the
user was alreay authenticated.
> Reproducer patch is attaced. The problem only occurs when the test is called from open
SSH client. Own SSHD's client works as expected.
> To reproduce, start the attached unit test as Java application, and issue the command:
>   ssh localhost -p 29418 -l joe
> [1] https://gerrit-review.googlesource.com/55193
>   



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message