Project

General

Profile

Actions

Defect #606

closed

IdmIdentityService.updateAuthorityChange should be thread-safe

Added by Alena Peterová over 4 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Radek Tomiška
Category:
Authentication / Authorization
Target version:
Start date:
07/27/2017
Due date:
% Done:

100%

Estimated time:
Affected versions:

Description

The method updateAuthorityChange is not thread-safe. When called multiple times at the same time for the same identities, it could happen that some identity would be stored in the AuthChangeRepository multiple times. That would cause exceptions during authentization of this identity (wouldn't be able to authenticate).
(It happened to me when I tried to use this method in auth filter, so it was called several times parallel for the same user. The only fix was to clear idm_authority_change table in DB.)

Also the method shouldn't change the input parameter "identities" - the programmer doesn't expect it :-)


Related issues

Related to CzechIdM - Task #636: Reduce JWT token sizeClosedRadek Tomiška08/08/2017

Actions
Actions #1

Updated by Radek Tomiška over 4 years ago

  • Assignee changed from Vít Švanda to Jan Helbich
Actions #2

Updated by Radek Tomiška over 4 years ago

  • Tracker changed from Task to Defect
Actions #3

Updated by Jan Helbich over 4 years ago

  • Assignee changed from Jan Helbich to Radek Tomiška

The method has been refactored while working on some other issue and behaves correctly now.

Unfortunately I could not reproduce the thread-unsafe issue.
I propose an addion of unique constraint onto the idm_authority_change table#identity.

Actions #4

Updated by Vít Švanda over 4 years ago

  • Target version changed from Diamond (7.4.0) to Emerald (7.5.0)
Actions #5

Updated by Radek Tomiška over 4 years ago

  • Target version deleted (Emerald (7.5.0))
Actions #6

Updated by Radek Tomiška over 3 years ago

  • Status changed from New to Closed
  • Target version set to Lapis (8.2.0)
  • % Done changed from 0 to 100

Solved by #636, review will be done there.

Actions #7

Updated by Radek Tomiška over 3 years ago

  • Related to Task #636: Reduce JWT token size added
Actions

Also available in: Atom PDF