Details
-
Bug
-
Resolution: Fixed
-
Medium
-
3.13.2
-
None
-
3.13
-
Description
Sorry for poor English.
When load of our service increase, we start to eventually detect, what loged in user becomes another user. In all cases users become ones which uses SOAP -RPC (we have some integration solutions and lot of Mylyn users). At now load from RPC is about 30% of all load.
Today we finish investigation which points to ActionContext and IssueServiceImpl. IssueServiceImpl has method setUserInJira, which make RPC user looks like another user for a moment. ActionContext.getSession (ThreadLocal) Returns map which envelope INSTANCE of HttpSession. First of all storing this instance produces unperiodic eventually IllegalStateException, but it's not major issue. Looks like that ThreadLocaled session is very very bad solution. Now we have about 3.5K RPS in peak.
Now we make a workaround and sets empty ActionContext on each request. Will be grate if you investigate ant realise good solution, but i think what using such type of session is very bad solution.
Attachments
Issue Links
- is related to
-
JRASERVER-16853 RPC Plugin does not use finally blocks around setUser calls on ActionContext.
- Closed