-
Type: Improvement
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: Internal Code
-
None
-
Fully Compatible
-
Security 2021-01-25, Security 2021-02-08, Security 2021-02-22
The AuthenticationSession should be created and begin its lifecycle during the first step of the authentication exchange. This can, but does not strictly have to, be during SASL mechanism negotiation.
The Session should store a UserHandle for the user object it obtains during this step. This will hold the User in the user cache for the life of the authentication attempt. This object should be reused for steps in the authentication process. We will need to create some glue to ensure that the User is valid before it is used, and authentication aborts if it is not.
- is depended on by
-
SERVER-52862 Move logAuthentication hooks to AuthenticationSession
- Closed