Issue Summary

A "Unique index or primary key violation" may occur when multiple concurrent failed authentication attempts try to update the failedAuthenticationAttemptCount attribute in the cwd_user_attribute table.

This is reproducible on Data Center: yes

Steps to Reproduce

Make multiple concurrent clone requests over http with incorrect credentials.

Expected Results

The failedAuthenticationAttemptCount attribute should be updated correctly.

Actual Results

A race condition occurs where two or more separate attempts update the count with the same value and throws the following error.

2023-05-24 17:16:27,949 ERROR [http-nio-7990-exec-9] @10DNE6Fx1036x38x4 127.0.0.1 "GET /scm/project_1/rep_1.git/info/refs HTTP/1.1" o.h.e.jdbc.spi.SqlExceptionHelper Unique index or primary key violation: "SYS_IDX_SYS_CT_10203_10205 ON PUBLIC.CWD_USER_ATTRIBUTE(USER_ID, ATTRIBUTE_NAME, ATTRIBUTE_LOWER_VALUE) VALUES ( /* key:229416 */ null, 131073, null, 'failedAuthenticationAttemptCount', null, '1', null)"; SQL statement:
insert into cwd_user_attribute (user_id, directory_id, attribute_name, attribute_value, attribute_lower_value, attribute_numeric_value, id) values (?, ?, ?, ?, ?, ?, ?) [23505-176]

Workaround

Currently there is no known workaround for this behavior. A workaround will be added here when available.