THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
We need to make sure in the following scenarios, the behavior will be acceptable and shouldn't introduce any security leaks:
- multi-user mode
- Make sure in this mode, expiring one user doesn't interrupt the other user's connections.
- register interests and CQ
- In these cases, when the user making the CQ and registered interests has expired, no further data will be sent back to the user unless re-authenticated.
- function execution on servers
- we will need to verify that when user expires, function executions on all servers will be stopped and re-authenticated.
Performance Impact
For on-demand re-authentication, credential expiration is discovered by the server, the client gets the notification then initiate re-authentication. Client operations will be interrupted at some period, the client will try re-authenticate only once for this operation again, hopefully the 2nd time, it will succeed.
...