[SERVER-61535] Redesign user invalidation code Created: 16/Nov/21  Updated: 06/Dec/22  Resolved: 25/Jan/22

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: 5.2.0
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Sergey Galtsev (Inactive) Assignee: Backlog - Security Team
Resolution: Duplicate Votes: 0
Labels: tech-debt
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Gantt Dependency
has to be done after SERVER-61038 Invalidate __system sessions after ru... Closed
Related
Assigned Teams:
Server Security
Participants:

 Description   

In SERVER-61038 the patchwork was introduced with a goal of dropping __system connections when they become invalid. The code is suboptimal as far as read-ability because it introduces another edge case, where none should exist. We decided to merge that patch as-is, but refactor the authorization code before 6.0 to make it straightforward


Generated at Thu Feb 08 05:52:41 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.