Uploaded image for project: 'JOC - JobScheduler Operations Center'
  1. JOC - JobScheduler Operations Center
  2. JOC-895

Session sharing in a JOC Cockpit Cluster should work

    XMLWordPrintable

Details

    • Fix
    • Status: Released (View Workflow)
    • Minor
    • Resolution: Fixed
    • 1.13.3
    • 1.13.4
    • None

    Description

      Current Situation

      If JOC Cockpit instance A creates a session with access token x and is configured like this

      sessionDAO = com.sos.auth.shiro.SOSDistributedSessionDAO
securityManager.sessionManager.sessionDAO = $sessionDAO

      then the access token cannot be used in JOC Cockpit instance B.

      Desired Behavior

      If JOC Cockpit instande A creates a session with access token x and is configured like this

      sessionDAO = com.sos.auth.shiro.SOSDistributedSessionDAO
securityManager.sessionManager.sessionDAO = $sessionDAO

      the it should be possible to use the access token in JOC Cockpit B as header parameter X-ACCESS-TOKEN for any request.

      Patch

      A patch is available here

      Attachments

        Issue Links

          relates to

          Fix - JOC-876 Update use of shiro-core version to >= 1.4.2 due to 3rd party vulnerability issue CVE-2019-12422

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Released
          links to

          Web Link Patch for JOC-895

          Activity

            People

              ur Uwe Risse
              ur Uwe Risse
              Anuj Mandloi Anuj Mandloi (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: