Looking at the JDBCAuthorizationManager - there seems to be multiple
opportunities where a deadlock could occur.
In this particular scenario - the resource under question is
UM_ROLE_PERMISSION - which is be used across different operations in
the same class to execute following queries.
public static final String ADD_ROLE_PERMISSION_SQL = "INSERT INTO
UM_ROLE_PERMISSION (UM_PERMISSION_ID," +
" UM_ROLE_NAME, UM_IS_ALLOWED, UM_TENANT_ID) VALUES (?, ?, ?,
?)";
public static final String DELETE_ROLE_PERMISSION_SQL = "DELETE FROM
UM_ROLE_PERMISSION WHERE UM_ROLE_NAME=? " +
"AND UM_PERMISSION_ID = (SELECT UM_ID FROM UM_PERMISSION WHERE
public static final String ON_DELETE_ROLE_DELETE_PERMISSION_SQL =
"DELETE FROM UM_ROLE_PERMISSION WHERE UM_ROLE_NAME=? AND
UM_TENANT_ID=?";
public static final String DELETE_ROLE_PERMISSIONS_BASED_ON_ACTION
="DELETE FROM UM_ROLE_PERMISSION WHERE UM_ROLE_NAME=? " +
"AND UM_PERMISSION_ID IN (SELECT UM_ID FROM
UM_PERMISSION WHERE UM_ACTION = ? AND UM_TENANT_ID=?) AND
UM_TENANT_ID=?";
public static final String UPDATE_UM_ROLE_NAME_PERMISSION_SQL =
"UPDATE UM_ROLE_PERMISSION set UM_ROLE_NAME=? WHERE UM_ROLE_NAME=? AND
UM_TENANT_ID=?";
As, the quick solution I would suggest we try synchronizing following
four operations in JDBCAuthorizationManager.
1. addAuthorizationForRole
2 clearRoleAuthorization
3. clearRoleActionOnAllResources
4. resetPermissionOnUpdateRole
This comes at the cost of concurrency - but none of the above
operations are not frequently executed..
I will look further in to this..
WDYT?
Thanks & regards,
-Prabath
On Tue, Nov 9, 2010 at 4:50 PM, Prabath Siriwardana <[email protected]> wrote:
> I am looking in to this - will update the list with the findings...
>
> Thanks & regards,
> -Prabath
>
_______________________________________________
Carbon-dev mailing list
[email protected]
https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev
