[jboss-jira] [JBoss JIRA] (ELY-1455) DB query seen for each request using FORM mechanism.

Wednesday, 6 December 2017



    [
https://issues.jboss.org/browse/ELY-1455?page=com.atlassian.jira.plugin.s...
] 

Alberto Gori commented on ELY-1455:
-----------------------------------

Sure:

{code:sql}

CREATE TABLE `user` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `created_at` datetime NOT NULL,
  `display_name` varchar(30) COLLATE utf8_unicode_ci NOT NULL,
  `email` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
  `first_name` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
  `last_login` datetime DEFAULT NULL,
  `last_name` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
  `modified_at` datetime NOT NULL,
  `password` char(32) COLLATE utf8_unicode_ci NOT NULL,
  `state` varchar(10) COLLATE utf8_unicode_ci NOT NULL,
  `user_type` varchar(20) COLLATE utf8_unicode_ci NOT NULL,
  `time_zone` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,
  `features` varchar(50) COLLATE utf8_unicode_ci DEFAULT NULL,
  `avatarpath` varchar(250) COLLATE utf8_unicode_ci DEFAULT NULL,
  PRIMARY KEY (`id`),
  UNIQUE KEY `email` (`email`),
  UNIQUE KEY `display_name` (`display_name`),
  KEY `state` (`state`),
  KEY `user_type` (`user_type`)
) ENGINE=InnoDB AUTO_INCREMENT=10919 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;

CREATE TABLE `user_user_group` (
  `user_id` int(10) unsigned NOT NULL,
  `user_group_id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  PRIMARY KEY (`user_id`,`user_group_id`),
  KEY `name` (`user_group_id`),
  CONSTRAINT `user_user_group_ibfk_1` FOREIGN KEY (`user_id`) REFERENCES `user` (`id`),
  CONSTRAINT `user_user_group_ibfk_2` FOREIGN KEY (`user_group_id`) REFERENCES
`user_group` (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=561 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
{code}


...
  DB query seen for each request using FORM mechanism.
 -----------------------------------------------------

                 Key: ELY-1455
                 URL: https://issues.jboss.org/browse/ELY-1455
             Project: WildFly Elytron
          Issue Type: Bug
          Components: Authentication Mechanisms
    Affects Versions: 1.2.0.Beta10
            Reporter: Martin Choma
            Assignee: Darran Lofthouse
             Fix For: 1.2.0.Beta11

         Attachments: elytron-bug-src.zip, server.log, standalone-full-ha.xml,
wmt-elytron.war


 User is complaining, that DB is accessed on each request. 
 Jdbc-realm + FORM authentication
 {noformat}
 <jdbc-realm name="myappRealm">
                     <principal-query sql="SELECT r.role, u.password FROM user u
join user_role_auth r on r.email = u.email where u.email=?"
data-source="myds">
                         <attribute-mapping>
                             <attribute to="Roles" index="1"/>
                         </attribute-mapping>
                         <simple-digest-mapper password-index="2"/>
                     </principal-query>
                 </jdbc-realm>
 {noformat}
 {noformat}
 2017-11-30 09:31:04,049 TRACE [org.wildfly.security] (default task-124) Principal
assigning: [alberto(a)myapp.com], pre-realm rewritten: [alberto(a)myapp.com], realm name:
[wmtRealm], post-realm rewritten: [alberto(a)myapp.com], realm rewritten:
[alberto(a)myapp.com]
 2017-11-30 09:31:04,049 TRACE [org.wildfly.security] (default task-124) Executing
principalQuery select password from user where email = ? with value alberto(a)myapp.com
 2017-11-30 09:31:04,051 TRACE [org.wildfly.security] (default task-124) Executing
principalQuery select role, 'Roles' from user_role_auth where email = ? with value
alberto(a)myapp.com
 2017-11-30 09:31:04,052 TRACE [org.wildfly.security] (default task-124) Executing
principalQuery select password from user where email = ? with value alberto(a)myapp.com
 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Role mapping:
principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles
[Administrator] -> domain mapped roles [Administrator]
 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorizing
principal alberto(a)myapp.com.
 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorizing
against the following attributes: [roles] => [Administrator]
 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Permission
mapping: identity [alberto(a)myapp.com] with roles [Administrator] implies
("org.wildfly.security.auth.permission.LoginPermission" "") = true
 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorization
succeed
 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Role mapping:
principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles
[Administrator] -> domain mapped roles [Administrator]
 2017-11-30 09:31:07,017 TRACE [org.wildfly.security] (default task-125) Principal
assigning: [alberto(a)myapp.com], pre-realm rewritten: [alberto(a)myapp.com], realm name:
[wmtRealm], post-realm rewritten: [alberto(a)myapp.com], realm rewritten:
[alberto(a)myapp.com]
 2017-11-30 09:31:07,018 TRACE [org.wildfly.security] (default task-125) Executing
principalQuery select password from user where email = ? with value alberto(a)myapp.com
 2017-11-30 09:31:07,019 TRACE [org.wildfly.security] (default task-125) Executing
principalQuery select role, 'Roles' from user_role_auth where email = ? with value
alberto(a)myapp.com
 2017-11-30 09:31:07,021 TRACE [org.wildfly.security] (default task-125) Executing
principalQuery select password from user where email = ? with value alberto(a)myapp.com
 2017-11-30 09:31:07,022 TRACE [org.wildfly.security] (default task-125) Role mapping:
principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles
[Administrator] -> domain mapped roles [Administrator]
 2017-11-30 09:31:07,022 TRACE [org.wildfly.security] (default task-125) Authorizing
principal alberto(a)myapp.com.
 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Authorizing
against the following attributes: [roles] => [Administrator]
 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Permission
mapping: identity [alberto(a)myapp.com] with roles [Administrator] implies
("org.wildfly.security.auth.permission.LoginPermission" "") = true
 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Authorization
succeed
 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Role mapping:
principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles
[Administrator] -> domain mapped roles [Administrator]
 {noformat} 


--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-jira] [JBoss JIRA] (ELY-1455) DB query seen for each request using FORM mechanism.