[
https://issues.apache.org/jira/browse/OAK-6818?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16262294#comment-16262294
]
Alex Deparvu commented on OAK-6818:
-----------------------------------
here's a way to reduce the conflicts based on the previous idea of throttling
the cleanup calls: {{uuid}} already provides some randomness we can reuse, so a
very simple idea is to only run it when {{uuid.charAt(0) < '4'}}. this reduces
the conflicts from around 2000 to around 350 in my tests.
> TokenAuthentication/TokenProviderImpl: cleanup expired tokens
> -------------------------------------------------------------
>
> Key: OAK-6818
> URL: https://issues.apache.org/jira/browse/OAK-6818
> Project: Jackrabbit Oak
> Issue Type: New Feature
> Components: core, security
> Reporter: angela
> Assignee: angela
> Fix For: 1.8
>
> Attachments: OAK-6818-osgi-test.patch, OAK-6818.patch
>
>
> During token based authentication a given token node gets removed if it is
> found to have expired in the mean time:
> Extract from {{TokenAuthentication.validateCredentials(TokenCredentials)}} as
> it works today:
> {code}
> [...]
> if (tokenInfo.isExpired(loginTime)) {
> tokenInfo.remove();
> return false;
> }
> [...]
> {code}
> However, this doesn't cope with those cases where expired tokens are being
> left behind without ever being caught by cleanup (e.g. new token issued and
> never try to login with expired token). So, this issue is about an extension
> that would allow to somehow/somewhen cleanup those tokens during
> authentication. In order not to cause extra overhead to the login we should
> set a limit (e.g. number of token nodes) that would only trigger the cleanup
> every now and then and not doing it all the time.
> What also needs to be clarified/investigated: would cleanup only be triggered
> in case of a failure?
> cc: [~stillalex], [~tmueller], [~chetanm], [~asanso]
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
