Hi All, I see few issues with the serialization approach. 1. Java serialization is not the proper solution for the caching. We need to cache the objects in the respective Store/Cache layer. This should be in-memory cache and should not be a distributed cache at all. We do not need to serialize as we are not going to send the objects over the wire. What we have to do is invalidate the cache object by a key, if there is any modification so that next time the read is happen from the persistence store. 2. Java serialization is very slow and takes more memory than necessary [1] [2]. We have to use better serialization technology if we really need to use that. 3. We can use better controlled mechanism [3] instead of serialization.
-0.9 on the PR[4] and specifically implementing serializable on all domain objects. [1] http://java-persistence-performance.blogspot.com/2013/08/optimizing-java-serialization-java-vs.html [2] https://github.com/eishay/jvm-serializers/wiki [3] http://docs.oracle.com/javase/7/docs/api/java/io/Externalizable.html [4] https://github.com/wso2/carbon-identity-mgt/pull/160 Cheers, Ruwan On Sun, Mar 12, 2017 at 12:01 PM, Harsha Thirimanna <[email protected]> wrote: > Hi Thanuja/Ishara, > > We need to finalize this because of we are going to release a milestone > this week. I have sent a PR [1]. Please confirm this fix or otherwise we > have to go the one i suggested in first comment. > > [1] https://github.com/wso2/carbon-identity-mgt/pull/160 > > *Harsha Thirimanna* > *Associate Tech Lead | WSO2* > > Email: [email protected] > Mob: +94715186770 <+94%2071%20518%206770> > Blog: http://harshathirimanna.blogspot.com/ > Twitter: http://twitter.com/harshathirimann > Linked-In: linked-in: http://www.linkedin.com/pub/ > harsha-thirimanna/10/ab8/122 > <http://wso2.com/signature> > > On Sun, Mar 12, 2017 at 11:26 AM, Harsha Thirimanna <[email protected]> > wrote: > >> On Sun, Mar 12, 2017 at 11:23 AM, Johann Nallathamby <[email protected]> >> wrote: >> >>> >>> >>> On Sun, Mar 12, 2017 at 10:48 AM, Harsha Thirimanna <[email protected]> >>> wrote: >>> >>>> On Sun, Mar 12, 2017 at 8:42 AM, Harsha Thirimanna <[email protected]> >>>> wrote: >>>> >>>>> >>>>> >>>>> On Sat, Mar 11, 2017 at 11:46 PM, Johann Nallathamby <[email protected]> >>>>> wrote: >>>>> >>>>>> Why can't we simply re-initialize the User object with the correct >>>>>> identity store when it is deserialized, using the >>>>>> >>>>>> readObject() method? >>>>>> >>>>>> >>>>> How we provide the RealmService to readObject method in User class ? >>>>> >>>> >>>> I could provide the RealmService to the User class within identity.mgt >>>> component by using DataHolder and could solve this restore problem by >>>> implementing readObject() method. I tested this by caching and using from >>>> identity.gateway and worked fine without having any issue. We can just call >>>> getClaim API without knowing whether it is coming from Cached or not. >>>> >>>> This is the method in User class. WDYT ? Do we have to consider any >>>> other aspect ? >>>> >>> >>> This is what I also meant. AFAIK it shouldn't be a problem. >>> >> >> Yes, We will see Thanuja/Ishara responses as well and will send PR for >> that. >> >>> /** >>>> * Since, IdentityStore is transient, If some one serialize this User >>>> object, we have to restore the IdentityStore >>>> * when the User object get deserialize. >>>> * >>>> * @param ois ObjectInputStream >>>> * @throws ClassNotFoundException >>>> * @throws IOException >>>> */ >>>> private void readObject(ObjectInputStream ois) throws >>>> ClassNotFoundException, IOException{ >>>> >>>> //Restoring the values in default order. >>>> domainName = (String)ois.readObject(); >>>> state = (String)ois.readObject(); >>>> uniqueUserId = (String)ois.readObject(); >>>> >>>> //Restore the IdentityStore >>>> RealmService realmService = >>>> IdentityMgtDataHolder.getInstance().getRealmService(); >>>> identityStore = realmService.getIdentityStore(); >>>> >>>> } >>>> >>>> >>>> >>>> >>>>> >>>>> >>>>>> On Sat, Mar 11, 2017 at 10:41 PM, Jayanga Kaushalya < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi Harsha, >>>>>>> >>>>>>> Yes I understand. Either you have to check whether the Identity >>>>>>> Store is null in the User object or we should change each method in the >>>>>>> User class which uses Identity Store to throw custom checked exception >>>>>>> when >>>>>>> the Identity Store is null and handle it accordingly when using User >>>>>>> object. Personally I am +1 for the second approach. Please advice if >>>>>>> there >>>>>>> are any better approaches. >>>>>>> >>>>>> >>>>> As Thanuja said, we have to think about why we need to cache complete >>>>> User object as it is, because that is not expected by design. I am not >>>>> sure it is totally OK. >>>>> But in that case, instead of storing complete User object, we have to >>>>> either store user unique id only or writing our own wrapper to User class >>>>> and use >>>>> >>>>> readObject() to restore the IdentityStore as Johan suggested. To that >>>>> we can provide RealmService by using a ServiceHolder directly within our >>>>> own component. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>>> >>>>>>> Thanks! >>>>>>> >>>>>>> *Jayanga Kaushalya* >>>>>>> Software Engineer >>>>>>> Mobile: +94777860160 <+94%2077%20786%200160> >>>>>>> WSO2 Inc. | http://wso2.com >>>>>>> lean.enterprise.middleware >>>>>>> >>>>>>> On Sat, Mar 11, 2017 at 9:27 PM, Harsha Thirimanna <[email protected] >>>>>>> > wrote: >>>>>>> >>>>>>>> Hi Jayanga, >>>>>>>> >>>>>>>> Yes, that is possible to do and I felt it as a workaround to >>>>>>>> instead of calling getClaim API in user object. >>>>>>>> But at once i didn't feel that i can't call getClaim API because i >>>>>>>> don't know whether that User object is coming from Cache or not. It >>>>>>>> can be >>>>>>>> cached by different component even. >>>>>>>> Is that make sense to provide such API in user object if it not >>>>>>>> possible to give the result all the time in sameway. We have to make it >>>>>>>> consistent. Because , the developer has to know whether this User >>>>>>>> object >>>>>>>> came from Cache or not. If it is from cache, then developer has to get >>>>>>>> the >>>>>>>> claims by using RealmService again. >>>>>>>> >>>>>>>> *Harsha Thirimanna* >>>>>>>> *Associate Tech Lead | WSO2* >>>>>>>> >>>>>>>> Email: [email protected] >>>>>>>> Mob: +94715186770 <+94%2071%20518%206770> >>>>>>>> Blog: http://harshathirimanna.blogspot.com/ >>>>>>>> Twitter: http://twitter.com/harshathirimann >>>>>>>> Linked-In: linked-in: http://www.linkedin.com/pub/ha >>>>>>>> rsha-thirimanna/10/ab8/122 >>>>>>>> <http://wso2.com/signature> >>>>>>>> >>>>>>>> On Sat, Mar 11, 2017 at 8:49 PM, Hasintha Indrajee < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Hi Jayanga, >>>>>>>>> >>>>>>>>> So what happens if we want to store user objects and then later if >>>>>>>>> we want to retrieve user objects and try to access claims ? . Here we >>>>>>>>> are >>>>>>>>> storing user objects in authentication context, not in the identity >>>>>>>>> store. >>>>>>>>> And how are we storing user objects in the cache when the instance of >>>>>>>>> identity store is neither serializable nor transient ? >>>>>>>>> >>>>>>>>> On Sat, Mar 11, 2017 at 8:34 PM, Jayanga Kaushalya < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Hi Harsha, >>>>>>>>>> >>>>>>>>>> It was designed to be like that. User object will be cached in >>>>>>>>>> the IdentityStore. So when you retrieving the user object from >>>>>>>>>> IdentityStore again, it will be most probably from cache instead of >>>>>>>>>> connector. >>>>>>>>>> >>>>>>>>>> Thanks! >>>>>>>>>> >>>>>>>>>> *Jayanga Kaushalya* >>>>>>>>>> Software Engineer >>>>>>>>>> Mobile: +94777860160 <+94%2077%20786%200160> >>>>>>>>>> WSO2 Inc. | http://wso2.com >>>>>>>>>> lean.enterprise.middleware >>>>>>>>>> >>>>>>>>>> On Sat, Mar 11, 2017 at 7:41 PM, Harsha Thirimanna < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> Hi All, >>>>>>>>>>> >>>>>>>>>>> In identity gateway, we have to cache the User object that is >>>>>>>>>>> retrieved from user core within the authentication context and >>>>>>>>>>> session >>>>>>>>>>> context. After some times we have to get that user object and want >>>>>>>>>>> to get >>>>>>>>>>> the claims since it has the claim API within user object itself. But >>>>>>>>>>> because of the IdentityStore is non Serializable and make it >>>>>>>>>>> transient, it will not stored with the User object when it >>>>>>>>>>> cached, so we can't call the getCalim method in User object now. >>>>>>>>>>> >>>>>>>>>>> What I did is, get the user unique id from the user object that >>>>>>>>>>> is stored in the cache and call the RealmService and get the User >>>>>>>>>>> object >>>>>>>>>>> again from the user core when it required. Is that the right >>>>>>>>>>> behaviour that >>>>>>>>>>> we expect in the new user core design or did I missed something ? >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> public class User implements Serializable { >>>>>>>>>>> private static final long serialVersionUID = 21578845544565554L; >>>>>>>>>>> private String uniqueUserId; >>>>>>>>>>> private String domainName; >>>>>>>>>>> private String state; >>>>>>>>>>> private transient IdentityStore identityStore; >>>>>>>>>>> >>>>>>>>>>> thanks >>>>>>>>>>> >>>>>>>>>>> *Harsha Thirimanna* >>>>>>>>>>> *Associate Tech Lead | WSO2* >>>>>>>>>>> >>>>>>>>>>> Email: [email protected] >>>>>>>>>>> Mob: +94715186770 <+94%2071%20518%206770> >>>>>>>>>>> Blog: http://harshathirimanna.blogspot.com/ >>>>>>>>>>> Twitter: http://twitter.com/harshathirimann >>>>>>>>>>> Linked-In: linked-in: http://www.linkedin.com/pub/ha >>>>>>>>>>> rsha-thirimanna/10/ab8/122 >>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> _______________________________________________ >>>>>>>>>> Architecture mailing list >>>>>>>>>> [email protected] >>>>>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Hasintha Indrajee >>>>>>>>> WSO2, Inc. >>>>>>>>> Mobile:+94 771892453 <+94%2077%20189%202453> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> *Harsha Thirimanna* >>>>>>>> *Associate Tech Lead | WSO2* >>>>>>>> >>>>>>>> Email: [email protected] >>>>>>>> Mob: +94715186770 <+94%2071%20518%206770> >>>>>>>> Blog: http://harshathirimanna.blogspot.com/ >>>>>>>> Twitter: http://twitter.com/harshathirimann >>>>>>>> Linked-In: linked-in: http://www.linkedin.com/pub/ha >>>>>>>> rsha-thirimanna/10/ab8/122 >>>>>>>> <http://wso2.com/signature> >>>>>>>> >>>>>>>> On Sat, Mar 11, 2017 at 8:49 PM, Hasintha Indrajee < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Hi Jayanga, >>>>>>>>> >>>>>>>>> So what happens if we want to store user objects and then later if >>>>>>>>> we want to retrieve user objects and try to access claims ? . Here we >>>>>>>>> are >>>>>>>>> storing user objects in authentication context, not in the identity >>>>>>>>> store. >>>>>>>>> And how are we storing user objects in the cache when the instance of >>>>>>>>> identity store is neither serializable nor transient ? >>>>>>>>> >>>>>>>>> On Sat, Mar 11, 2017 at 8:34 PM, Jayanga Kaushalya < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Hi Harsha, >>>>>>>>>> >>>>>>>>>> It was designed to be like that. User object will be cached in >>>>>>>>>> the IdentityStore. So when you retrieving the user object from >>>>>>>>>> IdentityStore again, it will be most probably from cache instead of >>>>>>>>>> connector. >>>>>>>>>> >>>>>>>>>> Thanks! >>>>>>>>>> >>>>>>>>>> *Jayanga Kaushalya* >>>>>>>>>> Software Engineer >>>>>>>>>> Mobile: +94777860160 <+94%2077%20786%200160> >>>>>>>>>> WSO2 Inc. | http://wso2.com >>>>>>>>>> lean.enterprise.middleware >>>>>>>>>> >>>>>>>>>> On Sat, Mar 11, 2017 at 7:41 PM, Harsha Thirimanna < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> Hi All, >>>>>>>>>>> >>>>>>>>>>> In identity gateway, we have to cache the User object that is >>>>>>>>>>> retrieved from user core within the authentication context and >>>>>>>>>>> session >>>>>>>>>>> context. After some times we have to get that user object and want >>>>>>>>>>> to get >>>>>>>>>>> the claims since it has the claim API within user object itself. But >>>>>>>>>>> because of the IdentityStore is non Serializable and make it >>>>>>>>>>> transient, it will not stored with the User object when it >>>>>>>>>>> cached, so we can't call the getCalim method in User object now. >>>>>>>>>>> >>>>>>>>>>> What I did is, get the user unique id from the user object that >>>>>>>>>>> is stored in the cache and call the RealmService and get the User >>>>>>>>>>> object >>>>>>>>>>> again from the user core when it required. Is that the right >>>>>>>>>>> behaviour that >>>>>>>>>>> we expect in the new user core design or did I missed something ? >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> public class User implements Serializable { >>>>>>>>>>> private static final long serialVersionUID = 21578845544565554L; >>>>>>>>>>> private String uniqueUserId; >>>>>>>>>>> private String domainName; >>>>>>>>>>> private String state; >>>>>>>>>>> private transient IdentityStore identityStore; >>>>>>>>>>> >>>>>>>>>>> thanks >>>>>>>>>>> >>>>>>>>>>> *Harsha Thirimanna* >>>>>>>>>>> *Associate Tech Lead | WSO2* >>>>>>>>>>> >>>>>>>>>>> Email: [email protected] >>>>>>>>>>> Mob: +94715186770 <+94%2071%20518%206770> >>>>>>>>>>> Blog: http://harshathirimanna.blogspot.com/ >>>>>>>>>>> Twitter: http://twitter.com/harshathirimann >>>>>>>>>>> Linked-In: linked-in: http://www.linkedin.com/pub/ha >>>>>>>>>>> rsha-thirimanna/10/ab8/122 >>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> _______________________________________________ >>>>>>>>>> Architecture mailing list >>>>>>>>>> [email protected] >>>>>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Hasintha Indrajee >>>>>>>>> WSO2, Inc. >>>>>>>>> Mobile:+94 771892453 <+94%2077%20189%202453> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Thanks & Regards, >>>>>> >>>>>> *Johann Dilantha Nallathamby* >>>>>> Technical Lead & Product Lead of WSO2 Identity Server >>>>>> Governance Technologies Team >>>>>> WSO2, Inc. >>>>>> lean.enterprise.middleware >>>>>> >>>>>> Mobile - *+94777776950* >>>>>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>>>>> >>>>> >>>>> >>>> >>> >>> >>> -- >>> Thanks & Regards, >>> >>> *Johann Dilantha Nallathamby* >>> Technical Lead & Product Lead of WSO2 Identity Server >>> Governance Technologies Team >>> WSO2, Inc. >>> lean.enterprise.middleware >>> >>> Mobile - *+94777776950* >>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>> >> >> > -- *Ruwan Abeykoon* *Associate Director/Architect**,* *WSO2, Inc. http://wso2.com <https://wso2.com/signature> * *lean.enterprise.middleware.*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
