Loading...

XML

Word

Printable

Type: Suggestion
Resolution: Unresolved
Fix Version/s: None
Component/s: Authentication / Security, Caching, SSO
Labels:
None

Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

Summary

When cookie.tokenkey is missing in product's crowd.properties the value will be pulled from Crowd's /rest/config/cookie endpoint every time authentication check happens.

cookie.tokenkey is an optional configuration and it should be safe to not define it, but at the same time it adds a lot of unnecessery communication load. Making it cached on server side for few minutes could address this problem.

Workaround

Set the cookie.tokenkey to the value configured in the Crowd server. This is detailed in The crowd.properties file. Specifically:
An example of this configuration:

...
cookie.tokenkey=crowd.token_key

is related to

CWD-3983 XML deserialisation happens in the Crowd client in a non-optimal way, resulting in WebappClassLoader lock congestion

Closed

CWD-5100 The default crowd.properties file for clients should include the cookie name

Closed

mentioned in: Page Loading...

Assignee:: Unassigned

Reporter:: Przemyslaw Czuj

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 05/Sep/2018 2:56 PM

Updated:: 13/Dec/2019 1:14 AM

Details

Description

Summary

Workaround

Attachments

Issue Links

Forms

Activity

People

Dates