[JBoss JIRA] (ISPN-12126) Performance drop when using auth in REST
by Gustavo Fernandes (Jira)
[ https://issues.redhat.com/browse/ISPN-12126?page=com.atlassian.jira.plugi... ]
Gustavo Fernandes updated ISPN-12126:
-------------------------------------
Description:
Currently, the auth token is cached on a per-connection basis in the RestHandler. This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses one child-channel per each simultaneous request/response pair (stream).
One suggestion is to use {{[org.wildfly.security.auth.realm.CachingSecurityRealm|https://wildfly-security.github.io/wildfly-elytron/1.1.x/org/wildfly/security/auth/realm/CachingSecurityRealm.html]}} around the supported security realms to cache credentials for a configurable amount of time, or based on the number of credentials. This would also improve Hot Rod since the security realms are global
was:
Currently, the auth token is cached on a per-connection basis in the RestHandler. This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses one child-channel per each simultaneous request/response pair (stream).
One suggestion is to use {{org.wildfly.security.auth.realm.CachingSecurityRealm}} around the supported security realms to cache credentials for a configurable amount of time, or based on the number of credentials. This would also improve Hot Rod since the security realms are global
> Performance drop when using auth in REST
> ----------------------------------------
>
> Key: ISPN-12126
> URL: https://issues.redhat.com/browse/ISPN-12126
> Project: Infinispan
> Issue Type: Bug
> Components: REST, Security
> Affects Versions: 11.0.1.Final
> Reporter: Gustavo Fernandes
> Assignee: Gustavo Fernandes
> Priority: Major
>
> Currently, the auth token is cached on a per-connection basis in the RestHandler. This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses one child-channel per each simultaneous request/response pair (stream).
> One suggestion is to use {{[org.wildfly.security.auth.realm.CachingSecurityRealm|https://wildfly-security.github.io/wildfly-elytron/1.1.x/org/wildfly/security/auth/realm/CachingSecurityRealm.html]}} around the supported security realms to cache credentials for a configurable amount of time, or based on the number of credentials. This would also improve Hot Rod since the security realms are global
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
4 years, 5 months
[JBoss JIRA] (ISPN-12126) Performance drop when using auth in REST
by Gustavo Fernandes (Jira)
[ https://issues.redhat.com/browse/ISPN-12126?page=com.atlassian.jira.plugi... ]
Gustavo Fernandes updated ISPN-12126:
-------------------------------------
Description:
Currently, the auth token is cached on a per-connection basis in the RestHandler. This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses one child-channel per each simultaneous request/response pair (stream).
One suggestion is to use {{org.wildfly.security.auth.realm.CachingSecurityRealm}} around the supported security realms to cache credentials for a configurable amount of time, or based on the number of credentials. This would also improve Hot Rod since the security realms are global
was:
Currently, the auth token is cached on a per-connection basis in the RestHandler. This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses one child-channel per each simultaneous request/response pair (stream).
One suggestion is to use {{org.wildfly.security.auth.realm.CachingSecurityRealm}} around the supported security realms to cache credentials for a configurable amount of time, or based on the number of credentials. This would also make Hot Rod better since the security realms are global
> Performance drop when using auth in REST
> ----------------------------------------
>
> Key: ISPN-12126
> URL: https://issues.redhat.com/browse/ISPN-12126
> Project: Infinispan
> Issue Type: Bug
> Components: REST, Security
> Affects Versions: 11.0.1.Final
> Reporter: Gustavo Fernandes
> Assignee: Gustavo Fernandes
> Priority: Major
>
> Currently, the auth token is cached on a per-connection basis in the RestHandler. This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses one child-channel per each simultaneous request/response pair (stream).
> One suggestion is to use {{org.wildfly.security.auth.realm.CachingSecurityRealm}} around the supported security realms to cache credentials for a configurable amount of time, or based on the number of credentials. This would also improve Hot Rod since the security realms are global
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
4 years, 5 months
[JBoss JIRA] (ISPN-12126) Performance drop when using auth in REST
by Gustavo Fernandes (Jira)
[ https://issues.redhat.com/browse/ISPN-12126?page=com.atlassian.jira.plugi... ]
Gustavo Fernandes updated ISPN-12126:
-------------------------------------
Description:
Currently, the auth token is cached on a per-connection basis in the RestHandler. This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses one child-channel per each simultaneous request/response pair (stream).
One suggestion is to use {{org.wildfly.security.auth.realm.CachingSecurityRealm}} around the supported security realms to cache credentials for a configurable amount of time, or based on the number of credentials. This would also make Hot Rod better since the security realms are global
was:
Currently, the auth token is cached on a per-connection basis in the RestHandler. This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses one child-channel per stream (each stream in HTTP/2 is a req/resp pair that can happen simultaneously over the same connection).
One suggestion is to use {{org.wildfly.security.auth.realm.CachingSecurityRealm}} around the supported security realms to cache credentials for a configurable amount of time, or based on the number of credentials. This would also make Hot Rod better since the security realms are global
> Performance drop when using auth in REST
> ----------------------------------------
>
> Key: ISPN-12126
> URL: https://issues.redhat.com/browse/ISPN-12126
> Project: Infinispan
> Issue Type: Bug
> Components: REST, Security
> Affects Versions: 11.0.1.Final
> Reporter: Gustavo Fernandes
> Assignee: Gustavo Fernandes
> Priority: Major
>
> Currently, the auth token is cached on a per-connection basis in the RestHandler. This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses one child-channel per each simultaneous request/response pair (stream).
> One suggestion is to use {{org.wildfly.security.auth.realm.CachingSecurityRealm}} around the supported security realms to cache credentials for a configurable amount of time, or based on the number of credentials. This would also make Hot Rod better since the security realms are global
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
4 years, 5 months
[JBoss JIRA] (ISPN-12126) Performance drop when using auth in REST
by Gustavo Fernandes (Jira)
[ https://issues.redhat.com/browse/ISPN-12126?page=com.atlassian.jira.plugi... ]
Gustavo Fernandes updated ISPN-12126:
-------------------------------------
Description:
Currently, the auth token is cached on a per-connections basis in the RestHandler. This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses one child-channel per stream (each stream in HTTP/2 is a req/resp pair that can happen simultaneously over the same connection).
One suggestion is to use {{org.wildfly.security.auth.realm.CachingSecurityRealm}} around the supported security realms to cache credentials for a configurable amount of time, or based on the number of credentials. This would also make Hot Rod better since the security realms are global
> Performance drop when using auth in REST
> ----------------------------------------
>
> Key: ISPN-12126
> URL: https://issues.redhat.com/browse/ISPN-12126
> Project: Infinispan
> Issue Type: Bug
> Components: REST, Security
> Affects Versions: 11.0.1.Final
> Reporter: Gustavo Fernandes
> Assignee: Gustavo Fernandes
> Priority: Major
>
> Currently, the auth token is cached on a per-connections basis in the RestHandler. This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses one child-channel per stream (each stream in HTTP/2 is a req/resp pair that can happen simultaneously over the same connection).
>
> One suggestion is to use {{org.wildfly.security.auth.realm.CachingSecurityRealm}} around the supported security realms to cache credentials for a configurable amount of time, or based on the number of credentials. This would also make Hot Rod better since the security realms are global
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
4 years, 5 months
[JBoss JIRA] (ISPN-12126) Performance drop when using auth in REST
by Gustavo Fernandes (Jira)
[ https://issues.redhat.com/browse/ISPN-12126?page=com.atlassian.jira.plugi... ]
Gustavo Fernandes updated ISPN-12126:
-------------------------------------
Description:
Currently, the auth token is cached on a per-connection basis in the RestHandler. This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses one child-channel per stream (each stream in HTTP/2 is a req/resp pair that can happen simultaneously over the same connection).
One suggestion is to use {{org.wildfly.security.auth.realm.CachingSecurityRealm}} around the supported security realms to cache credentials for a configurable amount of time, or based on the number of credentials. This would also make Hot Rod better since the security realms are global
was:
Currently, the auth token is cached on a per-connections basis in the RestHandler. This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses one child-channel per stream (each stream in HTTP/2 is a req/resp pair that can happen simultaneously over the same connection).
One suggestion is to use {{org.wildfly.security.auth.realm.CachingSecurityRealm}} around the supported security realms to cache credentials for a configurable amount of time, or based on the number of credentials. This would also make Hot Rod better since the security realms are global
> Performance drop when using auth in REST
> ----------------------------------------
>
> Key: ISPN-12126
> URL: https://issues.redhat.com/browse/ISPN-12126
> Project: Infinispan
> Issue Type: Bug
> Components: REST, Security
> Affects Versions: 11.0.1.Final
> Reporter: Gustavo Fernandes
> Assignee: Gustavo Fernandes
> Priority: Major
>
> Currently, the auth token is cached on a per-connection basis in the RestHandler. This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses one child-channel per stream (each stream in HTTP/2 is a req/resp pair that can happen simultaneously over the same connection).
>
> One suggestion is to use {{org.wildfly.security.auth.realm.CachingSecurityRealm}} around the supported security realms to cache credentials for a configurable amount of time, or based on the number of credentials. This would also make Hot Rod better since the security realms are global
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
4 years, 5 months
[JBoss JIRA] (ISPN-12097) Invalidation Cache with a shared store doesn't work properly after new SPI changes
by Will Burns (Jira)
[ https://issues.redhat.com/browse/ISPN-12097?page=com.atlassian.jira.plugi... ]
Will Burns updated ISPN-12097:
------------------------------
Git Pull Request: https://github.com/infinispan/infinispan/pull/8545, https://github.com/infinispan/infinispan/pull/8558 (was: https://github.com/infinispan/infinispan/pull/8545)
> Invalidation Cache with a shared store doesn't work properly after new SPI changes
> ----------------------------------------------------------------------------------
>
> Key: ISPN-12097
> URL: https://issues.redhat.com/browse/ISPN-12097
> Project: Infinispan
> Issue Type: Bug
> Components: Core, Loaders and Stores
> Affects Versions: 11.0.1.Final
> Reporter: Paul Ferraro
> Assignee: Will Burns
> Priority: Blocker
> Fix For: 12.0.0.Final, 11.0.2.Final
>
> Attachments: Test.java
>
>
> There seems to be something amiss with the new NonBlockingStore changes. When a transactional invalidation cache is used with a shared cache store, I've observed the entries published to the removePublisher of the NonBlockStore.batch(...) which should have targeted the writePublisher. This seems to happen when a batch only contains writes, but no removes.
> See the attached test to reproduce the issue, which executes two simple cache operations against a transactional vs non-transactional cache using a shared write-through store. The transactional version fails due to unexpected removals triggered by the batch(...) method (which, in the case of the JDBC store delegates to the deleteBatch(...) and bulkUpdate(...) methods. TRACE logging indicates that entries are unexpectedly published to the removePublisher of batch(...) when transactions are enabled causing entries to be removed unexpectedly from the store (as the result of a Cache.put(...)). When tx are disabled, the batch(...) method is, of course, not in play, and everything works correctly via the individual write/delete methods.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
4 years, 5 months