[JITL-607] Checkhistory job should not reuse login credential from different users - SOS JIRA

XML

Word

Printable

Details

Type: Fix
Status: Released (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: 1.12, 1.13
Fix Version/s: 1.12.13, 1.13.4
Labels:
None

Description

Current Situation

Wenn a user credential is used for the JobSchedulerCheckHistoryJSAdapterClass job, and the job JobSchedulerStartLatecomersJSAdapterClass must have a valid login. The login credentials may come from the private.conf configuration file or parameters. The parameter values may come from a credential store.
When user A logged in successully a valid access token is available. When now user B logs in then the access token from the user A login will be reused. Also the login from user A is reused when the password for the credential store is wrong.

Desired Behavior

When a user logs in an access token will be genereates. This access token only should be reused by this user. When another user logs in, a new access token should be created. An exception should be thrown when the password for the credential store is wrong.

How to approve

Login with user A. Then try to login with user B that have no valid credentials e.g. a wrong password. This login should be rejected.

Attachments

Issue Links

relates to

JITL-628 Using CreateApiAccessToken post processor should create a new access_token when the user in private.conf is changed

Released

Activity

People

Assignee:: Uwe Risse

Reporter:: Uwe Risse

Approver:: Aditi Dubey (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 19 March 2020 11:43

Updated:: 17 August 2020 11:37

Resolved:: 03 June 2020 13:59