[jboss-jira] [JBoss JIRA] Updated: (JBPORTAL-2398) Performance bottleneck in the security screen of admin portlet

Chris Laprun (JIRA) jira-events at lists.jboss.org
Sun May 24 17:50:56 EDT 2009 

     [ https://jira.jboss.org/jira/browse/JBPORTAL-2398?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Chris Laprun updated JBPORTAL-2398:
-----------------------------------

    Fix Version/s: 2.7.3 Final
         Assignee: Chris Laprun


Will look at it, thanks for the report and patch! :)

> Performance bottleneck in the security screen of admin portlet
> --------------------------------------------------------------
>
>                 Key: JBPORTAL-2398
>                 URL: https://jira.jboss.org/jira/browse/JBPORTAL-2398
>             Project: JBoss Portal
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Portal Core Admin
>    Affects Versions: 2.7.2 Final
>         Environment: Not applicable
>            Reporter: Philip Kedy
>            Assignee: Chris Laprun
>             Fix For: 2.7.3 Final
>
>         Attachments: AuthorizationBean.java, InstanceManagerBean.java, PortalObjectManagerBean.java, PortalObjectManagerBean.java
>
>
> Our JBoss Portal environment is integrated with Active Directory.  We have about 100 groups that show up in the security screen for both portal objects and portlet instances.  We noticed that the performance continually got worse as the number of groups increased.
> I have attached some changes to the AuthorizationBean to cache the role actions so that the DomainConfigurator.getSecurityBindings() method is not called for each role.  The cache expires when the URI changes.  Since the InstanceManagerBean and PortalObjectManagerBeans are session scoped it should be safe to make these changes.  This solution also resolves another issue in that the list of roles may change between the view and save actions and apply privileges to the incorrect roles.  We've had this happen a few times.
> Please review the attached files:
> - AuthorizationBean.java
> - InstanceManagerBean.java
> - PortalObjectManagerBean.java

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list