Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-10099

Allow to disable OAuth2 blacklist searches when stateless OAuth2 is not in use

    Details

    • Rank:
      1|hzskr3:
    • Support Ticket IDs:

      Description

      See OPENAM-10081.
      Since queries (from CTS reaper) to find OAUTH_BLACKLIST tokens:

      • can be pretty expensive ex:
        [25/Nov/2016:16:09:33 +0100] SEARCH REQ conn=119 op=160705 msgID=160706 base="dc=com" scope=sub filter="(&(&(coreTokenType=OAUTH_BLACKLIST)(coreTokenDate01>=20161125150833.483Z)(!(coreTokenString01=01)))(objectClass=frCoreToken))" attrs="coreTokenExpirationDate,coreTokenId,etag"
        [25/Nov/2016:16:09:34 +0100] SEARCH RES conn=119 op=160705 msgID=160706 result=0 nentries=0 etime=1414936085
        
      • are useless when OAuth2 (stateless) is not in use.

      We should provide a way to disable them.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                sberthol Sebastien Bertholet [X] (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated: