Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1455

DB query seen for each request using programatic authentication

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Critical Critical
    • None
    • 1.2.0.Beta10
    • None

      User is complaining, that DB is accessed on each request.

      Jdbc-realm + FORM authentication

      <jdbc-realm name="myappRealm">
                          <principal-query sql="SELECT r.role, u.password FROM user u join user_role_auth r on r.email = u.email where u.email=?" data-source="myds">
                              <attribute-mapping>
                                  <attribute to="Roles" index="1"/>
                              </attribute-mapping>
                              <simple-digest-mapper password-index="2"/>
                          </principal-query>
                      </jdbc-realm>
      
      2017-11-30 09:31:04,049 TRACE [org.wildfly.security] (default task-124) Principal assigning: [alberto@myapp.com], pre-realm rewritten: [alberto@myapp.com], realm name: [wmtRealm], post-realm rewritten: [alberto@myapp.com], realm rewritten: [alberto@myapp.com]
      2017-11-30 09:31:04,049 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select password from user where email = ? with value alberto@myapp.com
      2017-11-30 09:31:04,051 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select role, 'Roles' from user_role_auth where email = ? with value alberto@myapp.com
      2017-11-30 09:31:04,052 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select password from user where email = ? with value alberto@myapp.com
      2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Role mapping: principal [alberto@myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
      2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorizing principal alberto@myapp.com.
      2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorizing against the following attributes: [roles] => [Administrator]
      2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Permission mapping: identity [alberto@myapp.com] with roles [Administrator] implies ("org.wildfly.security.auth.permission.LoginPermission" "") = true
      2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorization succeed
      2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Role mapping: principal [alberto@myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
      2017-11-30 09:31:07,017 TRACE [org.wildfly.security] (default task-125) Principal assigning: [alberto@myapp.com], pre-realm rewritten: [alberto@myapp.com], realm name: [wmtRealm], post-realm rewritten: [alberto@myapp.com], realm rewritten: [alberto@myapp.com]
      2017-11-30 09:31:07,018 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select password from user where email = ? with value alberto@myapp.com
      2017-11-30 09:31:07,019 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select role, 'Roles' from user_role_auth where email = ? with value alberto@myapp.com
      2017-11-30 09:31:07,021 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select password from user where email = ? with value alberto@myapp.com
      2017-11-30 09:31:07,022 TRACE [org.wildfly.security] (default task-125) Role mapping: principal [alberto@myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
      2017-11-30 09:31:07,022 TRACE [org.wildfly.security] (default task-125) Authorizing principal alberto@myapp.com.
      2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Authorizing against the following attributes: [roles] => [Administrator]
      2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Permission mapping: identity [alberto@myapp.com] with roles [Administrator] implies ("org.wildfly.security.auth.permission.LoginPermission" "") = true
      2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Authorization succeed
      2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Role mapping: principal [alberto@myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
      

        1. standalone-full-ha.xml
          41 kB
        2. server.log
          319 kB
        3. elytron-bug.zip
          37 kB

              Unassigned Unassigned
              mchoma@redhat.com Martin Choma
              Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: