You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the tmail-apisix-plugin-runner plugin, we currently have a TokenRevokedFilter. This filter is responsible for checking whether the token in the request has been revoked previously by querying Redis.
The issue arises when Redis is down, causing the checking process to take a significant amount of time and resulting in the inability to perform login and logout flows.
Add a parameter ignoreRedisErrors (defaulting to false), it can be configurable. If turned to true, if redis fails we ignore the logout flow, effectively preserving the service at a cost of a bit of security.
DOD
Add test case at com.linagora.apisix.plugin.RedisRevokedTokenRepositoryTest
Document
The text was updated successfully, but these errors were encountered:
Context
In the
tmail-apisix-plugin-runner plugin
, we currently have aTokenRevokedFilter
. This filter is responsible for checking whether the token in the request has been revoked previously by querying Redis.The issue arises when Redis is down, causing the checking process to take a significant amount of time and resulting in the inability to perform login and logout flows.
Ref: #1013
How to resolve it
ignoreRedisErrors
(defaulting to false), it can be configurable. If turned to true, if redis fails we ignore the logout flow, effectively preserving the service at a cost of a bit of security.DOD
com.linagora.apisix.plugin.RedisRevokedTokenRepositoryTest
The text was updated successfully, but these errors were encountered: