Project

General

Profile

Actions
Copy link

Defect #606

closed

IdmIdentityService.updateAuthorityChange should be thread-safe

Added by Alena Peterová over 7 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Radek Tomiška
Category:
Authentication / Authorization
Target version:
Lapis (8.2.0)
Start date:
07/27/2017
Due date:
% Done:

100%

Estimated time:
Affected versions:
Owner:

Description

The method updateAuthorityChange is not thread-safe. When called multiple times at the same time for the same identities, it could happen that some identity would be stored in the AuthChangeRepository multiple times. That would cause exceptions during authentization of this identity (wouldn't be able to authenticate).
(It happened to me when I tried to use this method in auth filter, so it was called several times parallel for the same user. The only fix was to clear idm_authority_change table in DB.)

Also the method shouldn't change the input parameter "identities" - the programmer doesn't expect it :-)

Related issues

Related to IdStory Identity Manager - Task #636: Reduce JWT token sizeClosedRadek Tomiška08/08/2017

Actions
Actions
Copy link

Also available in: Atom PDF