Github user IsurangaPerera commented on a diff in the pull request:
https://github.com/apache/syncope/pull/70#discussion_r181094994
--- Diff:
core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/AccessTokenDataBinderImpl.java
---
@@ -135,11 +135,7 @@
accessToken.setAuthorities(authorities);
}
- accessTokenDAO.save(accessToken);
- }
-
- if (replaceExisting && existing != null) {
- accessTokenDAO.delete(existing);
+ accessTokenDAO.merge(accessToken);
--- End diff --
exactly. this is to assure that there can be only one access token
associated with a particular user at an any given time and also a workaround to
overcome thread not safe problem without affecting the performance(without
using serialized isolation)
---
