Github user IsurangaPerera commented on the issue:
https://github.com/apache/syncope/pull/70
@ilgrosso As I understand in SAML SP logic always replaced. So even when we
logged, as usual, the access token may changed by SAML SP. So I can understand
the importance of what replaceExisitng flag does. After imposing the UNIQUE
constraint as in my implementation replaceExisting == true works as
expected(always).But sometimes even if the flag is false the token may be
replaced (scenario discussed in mail thread). But this is only when the same
user tries to log in at the same time & thread not safe problem aise. Anyway
this approach is far better than using locks which causes performance drop and
this is a rare case as well. What do you think?
---
