Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-12373

amster transport key makes rest operations too slow for hardcoded timeout limit of 10 seconds


    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 5.5.1
    • Fix Version/s: 6.0.0, 5.5.2
    • Component/s: REST SDK
    • Labels:
    • Environment:
      Centos 7 Java 8 Tomcat 8
    • Needs backport:
    • Needs QA verification:
    • Functional tests:
    • Are the reproduction steps defined?:
      No (add reasons in the comment)


      Bug description

      If a transport key is set up to allow the rest interface (and therefore amster) to export passwords, interfaces that list objects with passwords/secrets take too long to respond. This has been observed in amster export-config and simply listing 20 OAuth2 clients in a realm. In the case of amster, export times out and fails. This is made worse by the hard coded timeout in amster.

      How to reproduce the issue

      1. Set up AM
      2. Create 20 Oauth2 clients.
      3. Create a transport key as described in the amster installation docs, or using transport-key.sh in the samples folder.
      4. Reboot AM
      5. Visit the OAuth2 clients page in AM.
      6. Wait for about 30 seconds.

      Recomend only exporting passwords/secrets on the rest interface if the request is made with a specific parameter. That way having a transport key in place does not slow down the rest of the service, but passwords could still be requester when needed (eg amster export config).




          Issue Links



              • Assignee:
                sean.oneill Sean ONeill [X] (Inactive)
                simon.harding Simon Harding
              • Votes:
                0 Vote for this issue
                11 Start watching this issue


                • Created: