sling-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mohit Arora (Jira)" <j...@apache.org>
Subject [jira] [Updated] (SLING-8869) SimpleHttpDistributionTransport does not refresh the secret for token based implementations.
Date Tue, 03 Dec 2019 08:07:00 GMT

     [ https://issues.apache.org/jira/browse/SLING-8869?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Mohit Arora updated SLING-8869:
-------------------------------
    Attachment: SLING-8869.patch

> SimpleHttpDistributionTransport does not refresh the secret for token based implementations.
> --------------------------------------------------------------------------------------------
>
>                 Key: SLING-8869
>                 URL: https://issues.apache.org/jira/browse/SLING-8869
>             Project: Sling
>          Issue Type: Bug
>          Components: Content Distribution
>            Reporter: Mohit Arora
>            Priority: Critical
>             Fix For: Content Distribution Core 0.4.2
>
>         Attachments: SLING-8869.patch
>
>
> While saving the \{{contextKeyExecutor}} in \{{DistributionTransportContext}} map, it
is not expected that the secret associated with the executor could be expired. This can happen
in case of access token based implementations where the token is expired after a certain period
of time and has to be refreshed.
> The code to refresh the token is written in the secret provider but since the executor
is [cached in the map|[https://github.com/apache/sling-org-apache-sling-distribution-core/blob/master/src/main/java/org/apache/sling/distribution/transport/impl/SimpleHttpDistributionTransport.java#L208]]
the secrets are not refreshed. It works fine for credentials based secret provider but not
for access token based.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message