The updated reference to this defect is:
http://jira.jboss.com/jira/browse/JBAS-977
Alexander
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3863078#3863078
Reply to the post :
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3863078
Hi.
Sorry, may be I missed something. Was this issue resolved (I did not manage to
find this item 376687 in the list)?
In addition, I did not catch the idea of the following method (version 3.2.6)
org.jboss.security.plugins.JaasSecurityManager
lines 114-121:
/** Get the currently
Hey,
Nothing to do with the issue presented but we also had several performance
problems with the login phase and we simply used 2 different approaches for the
login strategy.
First login using standard user/password login with costly database lookup of
credentials, principals etc.
In this
The scalability of the JaasSecurityManager.isValid method is a known issue and
has an existing sourceforge bug:
[ 974735 ] Slow performance of JaasSecurityManager
http://sourceforge.net/tracker/index.php?func=detailaid=974735group_id=22866atid=376685
The getActiveSubject is useless and not part
Warning: dont do what we did, it broke things badly, making it possible for identity
switches to occur mid-flight. The problem is with the shared use of the
CallbackHandler (SecurityAssociationHandler). JaasSecurityManager uses the same
instance of the handler to transfer principal/credentials
Hi,
Thanks for confirming the issue that we are seeing. I thought we might be going crazy
there for a moment.
cheers
craig
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3823476#3823476
Reply to the post :
Improving the concurrency of the isValid method is on the todo list. You can post your
patch to sourceforge and I'll look at it.
http://sourceforge.net/tracker/?group_id=22866atid=376687
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3823507#3823507
Reply to
We discovered the same problem this week. In our case a login module blocked at the
database by another transaction led to a system wide deadlock.
It looks like there was an attempt to fix this last year, but the fix was rolled back
a few days later:
Mon Sep 15 15:52:01 2003 UTC (5 months, 1
We have replaced JaasSecurityManager with our own version that synchronizes on
principal-keyed locks. It looks safe enough, and performance is greatly improved. Its
trivial code, but I can submit it if anyone wants it.
c
View the original post :
