[MXS-3623] Race condition in persistent connections - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 2.5.13
Fix Version/s: 2.5.14
Component/s: Core
Labels:
None

Description

If a connection is taken from the persistent connection pool and a COM_CHANGE_USER is sent through it immediately with a different set of credentials, the backend server can potentially reject the authentication if it sends an AuthSwitchRequest packet as a response.

This is caused by the use of the shared data structure across two different requests. As the COM_CHANGE_USER changes the active credentials to something else, the auth token sent as the response to the AuthSwitchRequest is the one in the COM_CHANGE_USER and not the one that was sent by the original COM_CHANGE_USER used to reset the persistent connection. Since the consistency can only be guaranteed for the duration of a single event, the current auth token must be stored for the duration of the COM_CHANGE_USER.

Attachments

Activity

People

Assignee:: markus makela

Reporter:: markus makela

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2021-06-17 13:41

Updated:: 2021-06-21 07:35

Resolved:: 2021-06-21 07:35

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.