revocation process is done thrice while checking token(V3)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
New
|
Undecided
|
rohita joshi |
Bug Description
While executing 'Check Token' use case for version v3, same SQL queries are executed three times for fetching and deleting invalid revocation events. Out of them one query is executed for Auth-Token validation while other two are executed during Subject-Token validation.
The queries are,
SELECT revocation_event.id AS revocation_
FROM revocation_event ORDER BY revocation_
DELETE FROM revocation_event WHERE revocation_
In DELETE query, the timestamp will remain same for all DELETE request as the execution time of the use case is approximately 0.160 seconds.
Token can also be validated by executing queries only once(at starting of the process). Multiple request for revocation can be considered as performance overhead as, to execute 3 queries, keystone need to connect with MySQL 3 times.
Execution step:
curl -i -X GET -H "X-Auth-
We have also executed for version v2, for that revocation process is done only twice one for Auth-Token and one for Subject-Token. /bugs.launchpad .net/keystone/ +bug/1518902 )
Related Bug is reported with bug id #1518902(https:/
If that bug is fixed, this will also get resolved.