[jira] [Commented] (SYNCOPE-507) User login date conditional logging
[ https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=1405#comment-1405 ] Francesco Chicchiriccò commented on SYNCOPE-507: Hi Guido, ATM if {{log.lastlogindate}} is set to {{false}} (which is *not* the default BTW), failed authentication attempts are registered anyway; as a result, users still get locked after 3 failed login attempts, but such counter is not reset after a successful authentication - see [around line 155|https://svn.apache.org/viewvc/syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/security/SyncopeAuthenticationProvider.java?view=markuppathrev=1603768]. The whole point here is to avoid writing to the database on the common case, e.g. successful authentication. If you choose to set {{log.lastlogindate}} to {{false}}, a drawback for administrators is that they will need to manually unlock users more frequently. User login date conditional logging --- Key: SYNCOPE-507 URL: https://issues.apache.org/jira/browse/SYNCOPE-507 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 1.1.7 Reporter: Yann Diorcet Assignee: Francesco Chicchiriccò Priority: Minor Fix For: 1.1.8, 1.2.0 Attachments: 0001-Conditional-authentication-DB-logs.patch When used aside other processes with huge IO usage, the REST call to syncope/cxf/users/self can be take lot of time to reply (on our machine up to 60 seconds). This is due to the DB update on lastLoggindDate, mysql takes lot of time to commit the modifications. Maybe add an option for disabling this feature (or restrict the update following a minimum time gap) can be a good idea -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (SYNCOPE-507) User login date conditional logging
[ https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14052321#comment-14052321 ] Guido Wimmel commented on SYNCOPE-507: -- Would it be an improvement to reset the failed login counter regardless of the value of {{log.lastlogindate}}, but only if the value of the failed login counter was not zero already? This should also avoid writing to the database in the common case. User login date conditional logging --- Key: SYNCOPE-507 URL: https://issues.apache.org/jira/browse/SYNCOPE-507 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 1.1.7 Reporter: Yann Diorcet Assignee: Francesco Chicchiriccò Priority: Minor Fix For: 1.1.8, 1.2.0 Attachments: 0001-Conditional-authentication-DB-logs.patch When used aside other processes with huge IO usage, the REST call to syncope/cxf/users/self can be take lot of time to reply (on our machine up to 60 seconds). This is due to the DB update on lastLoggindDate, mysql takes lot of time to commit the modifications. Maybe add an option for disabling this feature (or restrict the update following a minimum time gap) can be a good idea -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (SYNCOPE-507) User login date conditional logging
[ https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14052326#comment-14052326 ] Francesco Chicchiriccò commented on SYNCOPE-507: I am actually +-0 for this change: if you want, go ahead, open a new issue related to the current one and provide a fix. Being the 1.1.8 release currently under vote - hey, why don't you take a look and provide your feedback BTW? - I'd say the new issue is going to be fixed in 1.1.9. User login date conditional logging --- Key: SYNCOPE-507 URL: https://issues.apache.org/jira/browse/SYNCOPE-507 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 1.1.7 Reporter: Yann Diorcet Assignee: Francesco Chicchiriccò Priority: Minor Fix For: 1.1.8, 1.2.0 Attachments: 0001-Conditional-authentication-DB-logs.patch When used aside other processes with huge IO usage, the REST call to syncope/cxf/users/self can be take lot of time to reply (on our machine up to 60 seconds). This is due to the DB update on lastLoggindDate, mysql takes lot of time to commit the modifications. Maybe add an option for disabling this feature (or restrict the update following a minimum time gap) can be a good idea -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (SYNCOPE-507) User login date conditional logging
[ https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14052373#comment-14052373 ] Guido Wimmel commented on SYNCOPE-507: -- Ok. I also think it would be ok to possibly fix this in 1.1.9. User login date conditional logging --- Key: SYNCOPE-507 URL: https://issues.apache.org/jira/browse/SYNCOPE-507 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 1.1.7 Reporter: Yann Diorcet Assignee: Francesco Chicchiriccò Priority: Minor Fix For: 1.1.8, 1.2.0 Attachments: 0001-Conditional-authentication-DB-logs.patch When used aside other processes with huge IO usage, the REST call to syncope/cxf/users/self can be take lot of time to reply (on our machine up to 60 seconds). This is due to the DB update on lastLoggindDate, mysql takes lot of time to commit the modifications. Maybe add an option for disabling this feature (or restrict the update following a minimum time gap) can be a good idea -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (SYNCOPE-507) User login date conditional logging
[ https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14051864#comment-14051864 ] Guido Wimmel commented on SYNCOPE-507: -- Hi Francesco, about the reworked patch: a bit late and I'm unsure, but wouldn't it be more consistent to also setFailedLogins(0) on successful login even if log.lastlogindate=false? Otherwise the semantics of getFailedLogins() differs depending on the setting of log.lastlogindate, which looks counterintuitive to me, and makes e.g. locking a user after 3 failed login attempts impossible. Cheers, Guido User login date conditional logging --- Key: SYNCOPE-507 URL: https://issues.apache.org/jira/browse/SYNCOPE-507 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 1.1.7 Reporter: Yann Diorcet Assignee: Francesco Chicchiriccò Priority: Minor Fix For: 1.1.8, 1.2.0 Attachments: 0001-Conditional-authentication-DB-logs.patch When used aside other processes with huge IO usage, the REST call to syncope/cxf/users/self can be take lot of time to reply (on our machine up to 60 seconds). This is due to the DB update on lastLoggindDate, mysql takes lot of time to commit the modifications. Maybe add an option for disabling this feature (or restrict the update following a minimum time gap) can be a good idea -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (SYNCOPE-507) User login date conditional logging
[ https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14037140#comment-14037140 ] ASF subversion and git services commented on SYNCOPE-507: - Commit 1603763 from [~ilgrosso] in branch 'syncope/branches/1_1_X' [ https://svn.apache.org/r1603763 ] [SYNCOPE-507] Reworking provided patch User login date conditional logging --- Key: SYNCOPE-507 URL: https://issues.apache.org/jira/browse/SYNCOPE-507 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 1.1.7 Reporter: Yann Diorcet Assignee: Francesco Chicchiriccò Priority: Minor Fix For: 1.1.8, 1.2.0 Attachments: 0001-Conditional-authentication-DB-logs.patch When used aside other processes with huge IO usage, the REST call to syncope/cxf/users/self can be take lot of time to reply (on our machine up to 60 seconds). This is due to the DB update on lastLoggindDate, mysql takes lot of time to commit the modifications. Maybe add an option for disabling this feature (or restrict the update following a minimum time gap) can be a good idea -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (SYNCOPE-507) User login date conditional logging
[ https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14037148#comment-14037148 ] ASF subversion and git services commented on SYNCOPE-507: - Commit 1603768 from [~ilgrosso] in branch 'syncope/trunk' [ https://svn.apache.org/r1603768 ] [SYNCOPE-507] Merge from 1_1_X User login date conditional logging --- Key: SYNCOPE-507 URL: https://issues.apache.org/jira/browse/SYNCOPE-507 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 1.1.7 Reporter: Yann Diorcet Assignee: Francesco Chicchiriccò Priority: Minor Fix For: 1.1.8, 1.2.0 Attachments: 0001-Conditional-authentication-DB-logs.patch When used aside other processes with huge IO usage, the REST call to syncope/cxf/users/self can be take lot of time to reply (on our machine up to 60 seconds). This is due to the DB update on lastLoggindDate, mysql takes lot of time to commit the modifications. Maybe add an option for disabling this feature (or restrict the update following a minimum time gap) can be a good idea -- This message was sent by Atlassian JIRA (v6.2#6252)