Smart mirrors delegate authentication and authorisation to the primary, but also maintain a 'credentials cache' and a 'permissions cache'. Side note: this cache does not contain your passwords or SSH keys. Instead it stores a cryptographic hash of your password, which can be used to validate provided credentials.
When the primary is (temporarily) unavailable, the mirror will fall back to authenticating locally using it's credentials cache. Users that have accesses a repository from the mirror will have their credentials and permissions cached and be able to access that repository from the mirror even if the primary is unavailable.
The authentication and permission caches are cleared on restart.
Hope that clears things up a bit!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.