Loading...

XML

Word

Printable

Type: Suggestion
Resolution: Low Engagement
Fix Version/s: None
Component/s: Authentication / Security, Caching, SSO
Labels:
- cleanup-seos-fy25

Support reference count:
5

Summary

When cookie.tokenkey is missing in product's crowd.properties the value will be pulled from Crowd's /rest/config/cookie endpoint every time authentication check happens.

cookie.tokenkey is an optional configuration and it should be safe to not define it, but at the same time it adds a lot of unnecessery communication load. Making it cached on server side for few minutes could address this problem.

Workaround

Set the cookie.tokenkey to the value configured in the Crowd server. This is detailed in The crowd.properties file. Specifically:
An example of this configuration:

...
cookie.tokenkey=crowd.token_key

is related to

CWD-3983 XML deserialisation happens in the Crowd client in a non-optimal way, resulting in WebappClassLoader lock congestion

Closed

CWD-5100 The default crowd.properties file for clients should include the cookie name

Closed

mentioned in: Page Loading...

Assignee:: Unassigned
Reporter:: Przemyslaw Czuj (Inactive)
Votes:: 0 Vote for this issue
Watchers:: 7 Start watching this issue

Created:: 05/Sep/2018 2:56 PM
Updated:: 27/Apr/2025 12:43 PM
Resolved:: 27/Apr/2025 12:43 PM

Details

Description

Summary

Workaround

Attachments

Issue Links

Activity

People

Dates