[jira] [Commented] (SYNCOPE-507) User login date conditional logging
[
https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=1405#comment-1405
]
Francesco Chicchiriccò commented on SYNCOPE-507:
Hi Guido,
ATM if {{log.lastlogindate}} is set to {{false}} (which is *not* the default
BTW), failed authentication attempts are registered anyway; as a result, users
still get locked after 3 failed login attempts, but such counter is not reset
after a successful authentication - see [around line
155|https://svn.apache.org/viewvc/syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/security/SyncopeAuthenticationProvider.java?view=markuppathrev=1603768].
The whole point here is to avoid writing to the database on the common case,
e.g. successful authentication.
If you choose to set {{log.lastlogindate}} to {{false}}, a drawback for
administrators is that they will need to manually unlock users more frequently.
User login date conditional logging
---
Key: SYNCOPE-507
URL: https://issues.apache.org/jira/browse/SYNCOPE-507
Project: Syncope
Issue Type: Improvement
Components: core
Affects Versions: 1.1.7
Reporter: Yann Diorcet
Assignee: Francesco Chicchiriccò
Priority: Minor
Fix For: 1.1.8, 1.2.0
Attachments: 0001-Conditional-authentication-DB-logs.patch
When used aside other processes with huge IO usage, the REST call to
syncope/cxf/users/self can be take lot of time to reply (on our machine up to
60 seconds). This is due to the DB update on lastLoggindDate, mysql takes lot
of time to commit the modifications.
Maybe add an option for disabling this feature (or restrict the update
following a minimum time gap) can be a good idea
--
This message was sent by Atlassian JIRA
(v6.2#6252)
[jira] [Commented] (SYNCOPE-507) User login date conditional logging
[
https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14052321#comment-14052321
]
Guido Wimmel commented on SYNCOPE-507:
--
Would it be an improvement to reset the failed login counter regardless of the
value of {{log.lastlogindate}}, but only if the value of the failed login
counter was not zero already? This should also avoid writing to the database in
the common case.
User login date conditional logging
---
Key: SYNCOPE-507
URL: https://issues.apache.org/jira/browse/SYNCOPE-507
Project: Syncope
Issue Type: Improvement
Components: core
Affects Versions: 1.1.7
Reporter: Yann Diorcet
Assignee: Francesco Chicchiriccò
Priority: Minor
Fix For: 1.1.8, 1.2.0
Attachments: 0001-Conditional-authentication-DB-logs.patch
When used aside other processes with huge IO usage, the REST call to
syncope/cxf/users/self can be take lot of time to reply (on our machine up to
60 seconds). This is due to the DB update on lastLoggindDate, mysql takes lot
of time to commit the modifications.
Maybe add an option for disabling this feature (or restrict the update
following a minimum time gap) can be a good idea
--
This message was sent by Atlassian JIRA
(v6.2#6252)
[jira] [Commented] (SYNCOPE-507) User login date conditional logging
[ https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14052326#comment-14052326 ] Francesco Chicchiriccò commented on SYNCOPE-507: I am actually +-0 for this change: if you want, go ahead, open a new issue related to the current one and provide a fix. Being the 1.1.8 release currently under vote - hey, why don't you take a look and provide your feedback BTW? - I'd say the new issue is going to be fixed in 1.1.9. User login date conditional logging --- Key: SYNCOPE-507 URL: https://issues.apache.org/jira/browse/SYNCOPE-507 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 1.1.7 Reporter: Yann Diorcet Assignee: Francesco Chicchiriccò Priority: Minor Fix For: 1.1.8, 1.2.0 Attachments: 0001-Conditional-authentication-DB-logs.patch When used aside other processes with huge IO usage, the REST call to syncope/cxf/users/self can be take lot of time to reply (on our machine up to 60 seconds). This is due to the DB update on lastLoggindDate, mysql takes lot of time to commit the modifications. Maybe add an option for disabling this feature (or restrict the update following a minimum time gap) can be a good idea -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (SYNCOPE-507) User login date conditional logging
[ https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14052373#comment-14052373 ] Guido Wimmel commented on SYNCOPE-507: -- Ok. I also think it would be ok to possibly fix this in 1.1.9. User login date conditional logging --- Key: SYNCOPE-507 URL: https://issues.apache.org/jira/browse/SYNCOPE-507 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 1.1.7 Reporter: Yann Diorcet Assignee: Francesco Chicchiriccò Priority: Minor Fix For: 1.1.8, 1.2.0 Attachments: 0001-Conditional-authentication-DB-logs.patch When used aside other processes with huge IO usage, the REST call to syncope/cxf/users/self can be take lot of time to reply (on our machine up to 60 seconds). This is due to the DB update on lastLoggindDate, mysql takes lot of time to commit the modifications. Maybe add an option for disabling this feature (or restrict the update following a minimum time gap) can be a good idea -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (SYNCOPE-507) User login date conditional logging
[ https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14051864#comment-14051864 ] Guido Wimmel commented on SYNCOPE-507: -- Hi Francesco, about the reworked patch: a bit late and I'm unsure, but wouldn't it be more consistent to also setFailedLogins(0) on successful login even if log.lastlogindate=false? Otherwise the semantics of getFailedLogins() differs depending on the setting of log.lastlogindate, which looks counterintuitive to me, and makes e.g. locking a user after 3 failed login attempts impossible. Cheers, Guido User login date conditional logging --- Key: SYNCOPE-507 URL: https://issues.apache.org/jira/browse/SYNCOPE-507 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 1.1.7 Reporter: Yann Diorcet Assignee: Francesco Chicchiriccò Priority: Minor Fix For: 1.1.8, 1.2.0 Attachments: 0001-Conditional-authentication-DB-logs.patch When used aside other processes with huge IO usage, the REST call to syncope/cxf/users/self can be take lot of time to reply (on our machine up to 60 seconds). This is due to the DB update on lastLoggindDate, mysql takes lot of time to commit the modifications. Maybe add an option for disabling this feature (or restrict the update following a minimum time gap) can be a good idea -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (SYNCOPE-507) User login date conditional logging
[ https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14037140#comment-14037140 ] ASF subversion and git services commented on SYNCOPE-507: - Commit 1603763 from [~ilgrosso] in branch 'syncope/branches/1_1_X' [ https://svn.apache.org/r1603763 ] [SYNCOPE-507] Reworking provided patch User login date conditional logging --- Key: SYNCOPE-507 URL: https://issues.apache.org/jira/browse/SYNCOPE-507 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 1.1.7 Reporter: Yann Diorcet Assignee: Francesco Chicchiriccò Priority: Minor Fix For: 1.1.8, 1.2.0 Attachments: 0001-Conditional-authentication-DB-logs.patch When used aside other processes with huge IO usage, the REST call to syncope/cxf/users/self can be take lot of time to reply (on our machine up to 60 seconds). This is due to the DB update on lastLoggindDate, mysql takes lot of time to commit the modifications. Maybe add an option for disabling this feature (or restrict the update following a minimum time gap) can be a good idea -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (SYNCOPE-507) User login date conditional logging
[ https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14037148#comment-14037148 ] ASF subversion and git services commented on SYNCOPE-507: - Commit 1603768 from [~ilgrosso] in branch 'syncope/trunk' [ https://svn.apache.org/r1603768 ] [SYNCOPE-507] Merge from 1_1_X User login date conditional logging --- Key: SYNCOPE-507 URL: https://issues.apache.org/jira/browse/SYNCOPE-507 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 1.1.7 Reporter: Yann Diorcet Assignee: Francesco Chicchiriccò Priority: Minor Fix For: 1.1.8, 1.2.0 Attachments: 0001-Conditional-authentication-DB-logs.patch When used aside other processes with huge IO usage, the REST call to syncope/cxf/users/self can be take lot of time to reply (on our machine up to 60 seconds). This is due to the DB update on lastLoggindDate, mysql takes lot of time to commit the modifications. Maybe add an option for disabling this feature (or restrict the update following a minimum time gap) can be a good idea -- This message was sent by Atlassian JIRA (v6.2#6252)
