Yes. This is a problem. I also see a few other related problems, and it
looks like the code could be buggy as well.

Looking at the code, I see the following caches in the oauth component.
1. OAuthCache
2. AppInfoCache
3. AuthorizationGrantCache
4. ClaimCache
5. SessionDataCache

No. (5) looks like a duplicate of the SessionDataCache
in the authentication-framework component. In that case we should not use this
and use the one in authentication-framework.

(1) - (4) don't seem to need to go to SessionDataStore.
SessionDataStore is used to store some values for a period of time that
corresponds to a particular request / session. I don't think (1), (2) and
(4) are of that sort. (1), (2) and (4) already have persistent storages and
have no problem if the cache expires. I.e. (1) and (2) are persisted in
OAuth2 tables and (4) in user store. So we shouldn't need SessionDataStore
for those. Not sure about (3), have to look into that a bit more closely.

@Darshana/Maduranga, can you guys please look into this immediately. This
could unnecessarily drop performance of OAuth2.

Thanks.

On Mon, Oct 26, 2015 at 5:18 PM, Nuwan Dias <nuw...@wso2.com> wrote:

> Hi,
>
> The length of the column SESSION_ID of the IDN_AUTH_SESSION_STORE table is
> 100. But I see that the values written to that column are quite lengthy and
> inserts could fail for cases like email usernames or long tenant domains or
> long usernames, etc. See a sample value below.
>
> Eqnhj4j1X8ZJCW0ww56N7Hdzdvoa:nu...@gmail.com@carbon.super:am_application_scope default
>
> The value inserted to this column seems to be a combination of several
> values and hence has the potential to grow. Especially for tokens with
> several scopes.
>
> Is it right to insert values to this column in this format? Should we not
> change it since it looks to me like it'll be a problem with regard to
> column lengths?
> Thanks,
> NuwanD.
>
> --
> Nuwan Dias
>
> Technical Lead - WSO2, Inc. http://wso2.com
> email : nuw...@wso2.com
> Phone : +94 777 775 729
>



-- 
Thanks & Regards,

*Johann Dilantha Nallathamby*
Technical Lead & Product Lead of WSO2 Identity Server
Governance Technologies Team
WSO2, Inc.
lean.enterprise.middleware

Mobile - *+94777776950*
Blog - *http://nallaa.wordpress.com*
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
