Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 7.6.21, 7.17.14, 7.21.8, 8.7.0
Affects Version/s: 5.5.0
Component/s: Authentication
Labels:
None

Support reference count:
5
Symptom Severity:
Severity 3 - Minor
UIS:
40
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Issue Summary

When a client authenticates using a HTTP access token the LAST_AUTHENTICATED column is updated in the AO ACCESS_TOKEN table. Where a given access token is used very frequently this can result in high database load. But worse, when the access token is used both frequently and concurrently this can result in contention on the row.

A similar model exists for normal user logins where the cwd_user_attribute table is updated with the last authenticated time. This however has its update frequency restricted to (by default) once per 60 seconds per cluster node. A similar model should be applied to access tokens.

Steps to Reproduce

Authenticate with a personal access token multiple times

Expected Results

The last authenticated column should be updated at a reduced frequency.

Actual Results

The last authenticated column is updated for each and every successful authentication.

Workaround

Currently there is no known workaround for this behavior. A workaround will be added here when available

Attachments

Issue Links

mentioned in: Page Loading...; Page Loading...; Page Loading...

Activity

People

Assignee:: Ben Humphreys

Reporter:: Ben Humphreys

Votes:: 3 Vote for this issue

Watchers:: 11 Start watching this issue

Dates

Created:: 17/Nov/2022 10:23 PM

Updated:: 02/Jan/2024 1:25 AM

Resolved:: 10/Jan/2023 1:02 AM