[jira] [Commented] (CXF-7374) Concurrent calls to refreshAccessToken() fails with SQL constraint violation

[ASF GitHub Bot (JIRA)]

    [ 
https://issues.apache.org/jira/browse/CXF-7374?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16027968#comment-16027968
 ] 

ASF GitHub Bot commented on CXF-7374:
-------------------------------------

GitHub user gonzalad opened a pull request:

    https://github.com/apache/cxf/pull/275

    [CXF-7374] Fix for jpa refreshToken writeLock

    Fix for Jpa refreshToken writeLock:
     - writeLock is only called if RT already exist in db
       (rt.accessTokens > 0)
     - writeLock is moved to JPACMTCodeDataProvider
       it can only be used on CMT managed entityManagers
       since the transaction must span all the refreshAccessToken method
       (in non-CMTs, we have multiple tx for this single method).

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/gonzalad/cxf CXF-7374

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/cxf/pull/275.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #275
    
----
commit 07a1641b6d27d73d77b18371b473dcb1500908c7
Author: gonzalad <adr_gonza...@yahoo.fr>
Date:   2017-05-28T22:45:41Z

    [CXF-7374] Fix for jpa refreshToken writeLock
    
    Fix for Jpa refreshToken writeLock:
     - writeLock is only called if RT already exist in db
       (rt.accessTokens > 0)
     - writeLock is moved to JPACMTCodeDataProvider
       it can only be used on CMT managed entityManagers
       since the transaction must span all the refreshAccessToken method
       (in non-CMTs, we have multiple tx for this single method).

----


> Concurrent calls to refreshAccessToken() fails with SQL constraint violation
> ----------------------------------------------------------------------------
>
>                 Key: CXF-7374
>                 URL: https://issues.apache.org/jira/browse/CXF-7374
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS Security
>    Affects Versions: 3.2.0
>            Reporter: Viacheslav Gagara
>            Assignee: Sergey Beryozkin
>             Fix For: 3.2.0, 3.1.12
>
>
> When recycleRefreshTokens=false concurrent calls to refreshAccessToken() 
> cause SQLException (2 accessTokens are created simultaneously and added to 
> RefreshToken#accessTokens with the same index from different threads) 
> {code}
> Batch entry 0 insert into RefreshToken_accessTokens (RefreshToken_tokenKey, 
> accessTokens_ORDER, accessTokens) values ('fced31aaba6723ecc5956721e8f029f1', 
> 1, '8c559d9f738f33a1b866e7172c9e5644') was aborted: ERROR: duplicate key 
> value violates unique constraint "refreshtoken_accesstokens_pkey"
>   Detail: Key (refreshtoken_tokenkey, 
> accesstokens_order)=(fced31aaba6723ecc5956721e8f029f1, 1) already exists. 
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)