Details
-
Bug
-
Resolution: Unresolved
-
Low
-
None
-
2.10.1, 2.11.2
-
2
-
Severity 3 - Minor
-
4
-
Description
Current behavior
Crowd logs receive duplicated token messages when enabling SSO.
Crowd:
2017-03-21 09:48:06,437 http-bio-8443-exec-14 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Generating Token for principal: username 2017-03-21 09:48:06,437 http-bio-8443-exec-14 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Generating Token for principal: username
Confluence:
2017-03-21 09:48:06,502 DEBUG [http-nio-8443-exec-5] [crowd.manager.application.ApplicationServiceGeneric] findUserByName Located user 'username' in directory 1179649 'Crowd' 2017-03-21 09:48:06,519 DEBUG [http-nio-8443-exec-5] [crowd.manager.application.ApplicationServiceGeneric] findUserByName Located user 'username' in directory 1179649 'Crowd'
If you enable the database logging for Postgres for example, we can spot duplicated token update queries:
2017-04-21 10:47:28 BRT LOG: execute <unnamed>: update cwd_token set directory_id=$1, entity_name=$2, random_number=$3, identifier_hash=$4, random_hash=$5, created_date=$6, last_accessed_date=$7, last_accessed_time=$8, duration=$9 where id=$10 2017-04-21 10:47:28 BRT DETAIL: parameters: $1 = '32769', $2 = 'username', $3 = '2190354187148948430', $4 = '8l6iRqnOsppBLfyjaRFSiw00', $5 = 'Yg6BfKPWlelIA0l7fUGgmg00', $6 = '2017-04-21 10:47:16.889', $7 = '2017-04-21 10:47:16.889', $8 = '1492782448668', $9 = NULL, $10 = '327683'
2017-04-21 10:47:29 BRT LOG: execute <unnamed>: update cwd_token set directory_id=$1, entity_name=$2, random_number=$3, identifier_hash=$4, random_hash=$5, created_date=$6, last_accessed_date=$7, last_accessed_time=$8, duration=$9 where id=$10 2017-04-21 10:47:29 BRT DETAIL: parameters: $1 = '32769', $2 = 'username', $3 = '2190354187148948430', $4 = '8l6iRqnOsppBLfyjaRFSiw00', $5 = 'Yg6BfKPWlelIA0l7fUGgmg00', $6 = '2017-04-21 10:47:16.889', $7 = '2017-04-21 10:47:16.889', $8 = '1492782449039', $9 = NULL, $10 = '327683'
Expected behavior
Crowd should update the token only once for each login.
Symptoms
There is no apparent performance or major issues.
How to replicate
Install a Crowd and Confluence using the latest versions and integrate them with SSO.
Enable the following debug logs in Confluence and Crowd:
Confluence, set to ALL:
com.atlassian.confluence.security.login com.atlassian.confluence.security com.atlassian.crowd com.atlassian.crowd.manager com.atlassian.confluence com.atlassian.confluence.user.crowd
Crowd, set to DEBUG:
com.atlassian.crowd
Login to Confluence using the SSO user created in Crowd and the following appears in Crowd:
2017-03-29 10:41:53,514 http-bio-8095-exec-21 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Generating Token for principal: username 2017-03-29 10:41:53,514 http-bio-8095-exec-21 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Adding remote address of 127.0.0.1 2017-03-29 10:41:53,514 http-bio-8095-exec-21 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Generating Token for principal: username 2017-03-29 10:41:53,514 http-bio-8095-exec-21 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Adding remote address of 127.0.0.1
Workaround
There is no workaround at the moment