Details
-
Bug
-
Resolution: Fixed
-
Medium
-
5.5.0
-
None
-
5
-
Severity 3 - Minor
-
40
-
Description
Issue Summary
When a client authenticates using a HTTP access token the LAST_AUTHENTICATED column is updated in the AO ACCESS_TOKEN table. Where a given access token is used very frequently this can result in high database load. But worse, when the access token is used both frequently and concurrently this can result in contention on the row.
A similar model exists for normal user logins where the cwd_user_attribute table is updated with the last authenticated time. This however has its update frequency restricted to (by default) once per 60 seconds per cluster node. A similar model should be applied to access tokens.
Steps to Reproduce
- Authenticate with a personal access token multiple times
Expected Results
The last authenticated column should be updated at a reduced frequency.
Actual Results
The last authenticated column is updated for each and every successful authentication.
Workaround
Currently there is no known workaround for this behavior. A workaround will be added here when available