Re: [Dev] [IS] OpenID Association Handle generation Logic and Performance Improvement

Prabath Siriwardena Wed, 03 Sep 2014 01:06:01 -0700

+1

Thanks & regards,
-Prabath



On Wed, Sep 3, 2014 at 1:09 PM, Tharindu Edirisinghe <tharin...@wso2.com>
wrote:

> Hi Prabath,
>
> Thanks for the response. In that case I guess following code change would
> be better than making the generate() method synchronized.
>
> public Association generate(String type, int expiryIn)
>
>           throws AssociationException {
>
>       String handle = storeId + timestamp + "-" + *getCounter()*;
>
>       Association association = Association.generate(type, handle,
> expiryIn);
>
>       // caching the association
>
>       cache.addToCache(association);
>
>       // persisting in the database
>
>       log.debug("Stroing association " + association.getHandle()
>
>               + " in the database.");
>
>       new
> OpenIDAssociationDAO(associationStoreType).storeAssociation(association);
>
>       return association;
>
>    }
>
>
> *private synchronized int getCounter(){*
>
>
> *       return counter++;*
>
>  *}*
>
>
>
> On Wed, Sep 3, 2014 at 12:40 PM, Prabath Siriwardena <prab...@wso2.com>
> wrote:
>
>> IIRC openid4java library expects the association handle to be in a
>> specific format - so you cannot have a generated UUID there..
>>
>> If you change it to UUID and test it you will see the exact issue..
>>
>> Thanks & regards,
>> -Prabath
>>
>>
>> On Tue, Sep 2, 2014 at 8:47 PM, Tharindu Edirisinghe <tharin...@wso2.com>
>> wrote:
>>
>>> I am working on some performance improvements on OpenID in Identity
>>> Server (using the IS 3.2.3). The method to generate Associations is
>>> synchronized and so it will lock the entire method. As I see, the reason
>>> for this is to avoid duplicate values for association handle.
>>>
>>>
>>> components/identity/org.wso2.carbon.identity.provider/3.2.0/src/main/java/org/wso2/carbon/identity/provider/openid/OpenIDServerAssociationStore.java
>>>
>>>
>>> The generate method is synchronized. According to the code, this is
>>> needed to avoid conflicts with having duplicate handle values.
>>>
>>>
>>>      public synchronized Association generate(String type, int expiryIn)
>>>
>>>           throws AssociationException {
>>>
>>>       String handle = storeId + timestamp + "-" + counter++;
>>>
>>>       Association association = Association.generate(type, handle,
>>> expiryIn);
>>>
>>>       // caching the association
>>>
>>>       cache.addToCache(association);
>>>
>>>       // persisting in the database
>>>
>>>       log.debug("Stroing association " + association.getHandle()
>>>
>>>               + " in the database.");
>>>
>>>       new
>>> OpenIDAssociationDAO(associationStoreType).storeAssociation(association);
>>>
>>>       return association;
>>>
>>>    }
>>>
>>> Suggested code is below. The getUUID() method is already synchronized.
>>>
>>> import org.apache.ws.security.util.UUIDGenerator;
>>>
>>>     public Association generate(String type, int expiryIn)
>>>
>>>           throws AssociationException {
>>>
>>>       String handle = UUIDGenerator.getUUID();
>>>
>>>       Association association = Association.generate(type, handle,
>>> expiryIn);
>>>
>>>       // caching the association
>>>
>>>       cache.addToCache(association);
>>>
>>>       // persisting in the database
>>>
>>>       log.debug("Stroing association " + association.getHandle()
>>>
>>>               + " in the database.");
>>>
>>>       new
>>> OpenIDAssociationDAO(associationStoreType).storeAssociation(association);
>>>
>>>       return association;
>>>
>>>    }
>>>
>>> Was there any specific requirement to generate the handle like below ?
>>> storeId + timestamp + "-" + counter++;
>>>
>>> Any thoughts ??
>>> --
>>>
>>> Thanks & Best Regards,
>>>
>>> Tharindu Edirisinghe
>>> Software Engineer
>>>
>>> *WSO2 Inc*
>>> *email   : tharin...@wso2.com <tharin...@wso2.com> *
>>> *mobile : +94 775 181586*
>>> *www: :http://wso2.com <http://wso2.com/> *lean . enterprise .
>>> middleware
>>>
>>>
>>>
>>> _______________________________________________
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Thanks & Regards,
>> Prabath
>>
>> Twitter : @prabath
>> LinkedIn : http://www.linkedin.com/in/prabathsiriwardena
>>
>> Mobile : +94 71 809 6732
>>
>> http://blog.facilelogin.com
>> http://blog.api-security.org
>>
>
>
>
> --
>
> Thanks & Best Regards,
>
> Tharindu Edirisinghe
> Software Engineer
>
> *WSO2 Inc*
> *email   : tharin...@wso2.com <tharin...@wso2.com> *
> *mobile : +94 775 181586*
> *www: :http://wso2.com <http://wso2.com/> *lean . enterprise . middleware
>
>
>


-- 
Thanks & Regards,
Prabath

Twitter : @prabath
LinkedIn : http://www.linkedin.com/in/prabathsiriwardena

Mobile : +94 71 809 6732

http://blog.facilelogin.com
http://blog.api-security.org

_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IS] OpenID Association Handle generation Logic and Performance Improvement

Reply via email to