[Apiman-user] Keycloak OAuth plugin persistence bug
Marc Savy
marc.savy at redhat.com
Fri Jun 2 08:11:59 EDT 2017
Also, which platform are you running the Apiman Manager on. WildFly,
EAP, Tomcat, Jetty, etc?
Would be interested to see you try the newest Postgres driver. e.g.
https://jdbc.postgresql.org/download/postgresql-42.1.1.jar
On 2 June 2017 at 12:49, Marc Savy <marc.savy at redhat.com> wrote:
> Hi Andy,
>
> Can you describe how your API, ClientApp & Plan is set up?
>
> e.g.
>
> API = [Keycloak OAuth2 Policy]
> Plan = [<nothing>]
> ClientApp = [Header Policy]
>
>
> Regards,
> Marc
>
> On 2 June 2017 at 12:20, Andy Yar <andyyar66 at gmail.com> wrote:
>> Oh, sorry I missed version info.
>>
>> psql (PostgreSQL) 9.4.12
>> JDBC connector - PostgreSQL 9.4.1212
>> Apiman 1.2.9.Final
>> CentOS7
>> Oracle Java 1.8.0_111
>>
>> No export/import was done prior this issue.
>>
>> I can say I've been observed slower and slower responses during
>> operation with the Manager OAuth related pages.
>>
>> The trigger action seems to be a GET on a URL pattern like this:
>> apimanui/api-manager/orgs/MyOrg/plans/MyOrgKeycloakOAuth/1/policies/1155
>>
>> Resulting screen loads a policy config scheme from Keycloak OAuth
>> Plugin and displays it. It also generates N^2 new rows in
>> pd_templates. I've observed 16, 32, 64, 128 and then 256 added new
>> rows...
>>
>> Thanks
>>
>>
>> On Fri, Jun 2, 2017 at 12:26 PM, Marc Savy <marc.savy at redhat.com> wrote:
>>> Hi Andy,
>>>
>>> I spent time yesterday evening trying to replicate this after our chat
>>> on IRC, but I haven't been able to trigger it. Perhaps with more
>>> information we can narrow this down.
>>>
>>> Which version of Postgres are you using? Which driver version?
>>>
>>> I've been using: Postgres 9.6.2, Driver 42.1.1, apiman 1.3.0.Final
>>> (should be same as 1.2.9.Final for this).
>>>
>>> Have you done any export-import?
>>>
>>> Have you observed the precise action that corresponds with the
>>> extraneous pd_templates entries being inserted?
>>>
>>> Regards,
>>> Marc
>>>
>>> On 2 June 2017 at 08:05, Andy Yar <andyyar66 at gmail.com> wrote:
>>>>
>>>> Hello,
>>>> Keycloak OAuth plugin's presence generates a certain amount of records
>>>> to pd_templates table on each action of Apiman Manager related to a
>>>> Keycloak OAuth policy (even read-only ones like listing a plan's
>>>> policies, etc.).
>>>>
>>>> Over time the number of records in pd_templates table can grow to
>>>> milions resulting in Apiman Manager OoM exceptions. Given these
>>>> records are basically just text hints it is really funny.
>>>>
>>>> A workaround is to periodically dedup the records.
>>>>
>>>> I guess this issue should be an easy fix.
>>>>
>>>> Affected version is: Apiman 1.2.9.Final + corresponding Keycloak OAuth plugin.
>>>> _______________________________________________
>>>> Apiman-user mailing list
>>>> Apiman-user at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/apiman-user
More information about the Apiman-user
mailing list