The updated reference to this defect is:
http://jira.jboss.com/jira/browse/JBAS-977
Alexander
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3863078#3863078
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3863078
-
The scalability of the JaasSecurityManager.isValid method is a known issue and
has an existing sourceforge bug:
[ 974735 ] Slow performance of JaasSecurityManager
http://sourceforge.net/tracker/index.php?func=detail&aid=974735&group_id=22866&atid=376685
The getActiveSubject is useless and not pa
Hey,
Nothing to do with the issue presented but we also had several performance
problems with the login phase and we simply used 2 different approaches for the
login strategy.
First login using standard user/password login with costly database lookup of
credentials, principals etc.
In this lo
Hi.
Sorry, may be I missed something. Was this issue resolved (I did not manage to
find this item <376687> in the list)?
In addition, I did not catch the idea of the following method (version 3.2.6)
org.jboss.security.plugins.JaasSecurityManager
lines 114-121:
/** Get the currently authent
Warning: dont do what we did, it broke things badly, making it possible for identity
switches to occur mid-flight. The problem is with the shared use of the
CallbackHandler (SecurityAssociationHandler). JaasSecurityManager uses the same
instance of the handler to transfer principal/credentials b
Improving the concurrency of the isValid method is on the todo list. You can post your
patch to sourceforge and I'll look at it.
http://sourceforge.net/tracker/?group_id=22866&atid=376687
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3823507#3823507
Reply t
Hi,
Thanks for confirming the issue that we are seeing. I thought we might be going crazy
there for a moment.
cheers
craig
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3823476#3823476
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=postin
We discovered the same problem this week. In our case a login module blocked at the
database by another transaction led to a system wide deadlock.
It looks like there was an attempt to fix this last year, but the fix was rolled back
a few days later:
> Mon Sep 15 15:52:01 2003 UTC (5 months, 1
We have replaced JaasSecurityManager with our own version that synchronizes on
principal-keyed locks. It looks safe enough, and performance is greatly improved. Its
trivial code, but I can submit it if anyone wants it.
c
View the original post :
http://www.jboss.org/index.html?module=bb&op=v