[ 
https://issues.apache.org/jira/browse/SYNCOPE-507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14052222#comment-14052222
 ] 

Francesco Chicchiriccò commented on SYNCOPE-507:
------------------------------------------------

Hi Guido,
ATM if {{log.lastlogindate}} is set to {{false}} (which is *not* the default 
BTW), failed authentication attempts are registered anyway; as a result, users 
still get locked after 3 failed login attempts, but that counter is not reset 
after a successful authentication - see [around line 
155|https://svn.apache.org/viewvc/syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/security/SyncopeAuthenticationProvider.java?view=markup&pathrev=1603768].
The whole point here is to avoid writing to the database in the common case, 
e.g. successful authentication.

If you choose to set {{log.lastlogindate}} to {{false}}, a drawback for 
administrators is that they will need to manually unlock users more frequently.

> User login date conditional logging
> -----------------------------------
>
>                 Key: SYNCOPE-507
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-507
>             Project: Syncope
>          Issue Type: Improvement
>          Components: core
>    Affects Versions: 1.1.7
>            Reporter: Yann Diorcet
>            Assignee: Francesco Chicchiriccò
>            Priority: Minor
>             Fix For: 1.1.8, 1.2.0
>
>         Attachments: 0001-Conditional-authentication-DB-logs.patch
>
>
> When used aside other processes with huge IO usage, the REST call to 
> syncope/cxf/users/self can take a lot of time to reply (on our machine up to 
> 60 seconds). This is due to the DB update on lastLoginDate; MySQL takes a lot 
> of time to commit the modifications.
> Maybe adding an option for disabling this feature (or restricting the update 
> following a minimum time gap) can be a good idea.



--
This message was sent by Atlassian JIRA
(v6.2#6252)
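
The trade-off described in the comment above, as an added example that is not part of the original message and is not Syncope code: a simplified model of the failed-login counter, run over a constructed login sequence with log.lastlogindate set to true and then to false. The class name, the dbWrites counter, the login sequence and the rule that a locked user is rejected outright are assumptions made for illustration; the threshold of 3 is the one quoted in the comment.

```java
import java.util.List;

// Simplified model of the behaviour described in the comment; not Syncope code.
public class LoginCounterModel {
    static final int MAX_FAILURES = 3;   // lock threshold quoted in the comment

    final boolean logLastLoginDate;      // stands in for log.lastlogindate
    int failedLogins = 0;
    boolean locked = false;
    int dbWrites = 0;                    // user-row updates caused by logins

    LoginCounterModel(boolean logLastLoginDate) {
        this.logLastLoginDate = logLastLoginDate;
    }

    boolean authenticate(boolean passwordOk) {
        if (locked) {
            return false;                // assumption: locked users are rejected outright
        }
        if (passwordOk) {
            if (logLastLoginDate) {      // only this branch touches the DB on success
                failedLogins = 0;
                dbWrites++;              // last login date + counter reset
            }
            return true;
        }
        failedLogins++;                  // failures are recorded regardless of the flag
        dbWrites++;
        if (failedLogins >= MAX_FAILURES) {
            locked = true;
        }
        return false;
    }

    public static void main(String[] args) {
        // Constructed sequence: occasional typos between successful logins.
        List<Boolean> attempts = List.of(false, true, true, false, true, true, false, true);
        for (boolean flag : new boolean[] {true, false}) {
            LoginCounterModel user = new LoginCounterModel(flag);
            int accepted = 0;
            for (boolean ok : attempts) {
                if (user.authenticate(ok)) accepted++;
            }
            System.out.printf("log.lastlogindate=%b accepted=%d locked=%b dbWrites=%d%n",
                    flag, accepted, user.locked, user.dbWrites);
        }
    }
}
```

With the flag off, the three non-consecutive failures accumulate and the final correct password is rejected, while database writes drop to one per failed attempt.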
