The IDM apis should be designed to support stateless access and not require any form of synchronization, volatiles, or CAS. It's fine however to have caching plugins which do keep state and are designed for concurrent access. However, those should be implemented using near-lockless strategies. I can help with that if you need it.
On Jun 13, 2013, at 8:15 AM, Shane Bryzak <sbryzak@redhat.com> wrote:
Do you mean DefaultStoreFactory.createIdentityStore() ? I actually
don't think we should be caching the stores here at all, I'll create a
JIRA to investigate this.
On 13/06/13 22:27, Bill Burke wrote:
IdentityManagerFactory's fields are all HashMaps and you're populating
the store cache on the fly. Is there any reason you don't
pre-initialize the store cache?
On 6/12/2013 6:22 PM, Shane Bryzak wrote:
IdentityManagerFactory is designed to be application-scoped (or even
container scoped), while IdentityManager is a lightweight object that is
designed to be request-scoped (as each IdentityManager has its own
SecurityContext with potential references to short-lived objects, such
as entity managers). Which concurrency issues have you found? We
should raise issues in JIRA to address these before we hit final.
On 13/06/13 07:26, Bill Burke wrote:
How should concurrent access to IDM storage be handled? Right now I see
a lot of concurrency issues in the code that will pretty much force you
to create an IdentityManagerFactory and IdentityManager per request.
_______________________________________________
security-dev mailing list
security-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/security-dev
_______________________________________________
security-dev mailing list
security-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/security-dev
--
Jason T. Greene
WildFly Lead / JBoss EAP Platform Architect
JBoss, a division of Red Hat
_______________________________________________
security-dev mailing list
security-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/security-dev