Connection left open when API SSO authentication fails
Bug #1318530 reported by
Michael Nelson
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ratings and Reviews server |
Triaged
|
Medium
|
Unassigned |
Bug Description
We recently had an incident where the reviews server's credentials for the SSO API were invalid, which was fixed, but during the same time-frame, we saw the postgresql server failing due to too many connections. The timing suggests that the open connections were due to the invalid API creds.
The reviews server should terminate the connection and respond with a 401 if the lazr.restfulclient finds it can't authenticate.
More details on RT #70157
description: | updated |
To post a comment you must log in.