[
https://issues.apache.org/jira/browse/GEODE-6177?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16723500#comment-16723500
]
ASF subversion and git services commented on GEODE-6177:
--------------------------------------------------------
Commit ea62d29cf3307cbd175c018f5a1ead313f511eed in geode's branch
refs/heads/feature/GEODE-6143-9 from [~mcmellawatt]
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=ea62d29 ]
GEODE-6177: WAN Event processing continues after authentication fails
Due to different handling in the GatewaySenderEventRemoteDispatcher
dispatcher and ack reader threads, it was possible for event processing
to stop when a GemFireSecurityException was encountered by the ack
reader connection retry logic.
This commit attempts to share common recoverable cases between the ack
reader and dispatcher, while maintaining the cases which are specific to
each. We also added a test which ensures that if a connection is denied
due to invalid credentials upon a restart of the receiver, that the
sender can recover if it again provides valid credentials. In the process,
we removed a significant amount of duplicated and noisy code in the
NewWanAuthenticationDUnitTests.
Co-authored-by: Bill Burcham <bburc...@pivotal.io>
Co-authored-by: Ryan McMahon <rmcma...@pivotal.io>
> Gateway senders can shut down due to authentication failures
> ------------------------------------------------------------
>
> Key: GEODE-6177
> URL: https://issues.apache.org/jira/browse/GEODE-6177
> Project: Geode
> Issue Type: Bug
> Components: security, wan
> Reporter: Ryan McMahon
> Assignee: Ryan McMahon
> Priority: Major
> Labels: pull-request-available
> Time Spent: 1h 40m
> Remaining Estimate: 0h
>
> When a gateway sender connects to a gateway receiver and authentication is
> used, the receiver first determines if the provided credentials are valid.
> If they are valid, then event processing/dispatching is allowed.
> However, once the initial authentication is performed, it is possible that
> the gateway sender stops processing events if the connection with the
> receiver is destroyed and the credentials used are no longer valid
> (disallowed, password changed, etc).
> This is an edge case where the ack reader thread is the first to attempt to
> acquire the connection, rather than the dispatcher thread. The ack reader
> thread currently does not have the proper retry logic for authentication
> exceptions, while the dispatcher thread does. We should ensure that
> connection retries occur regardless of which thread gets the authentication
> exception.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
