Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-15406

Improve performance for registering and maintaining OAuth2 Clients

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 5.5.1, 6.5.2, 7.0.0
    • Fix Version/s: None
    • Component/s: oauth2, sms
    • Labels:
    • Support Ticket IDs:

      Description

      Increasingly customers are looking to register a large number of Oauth2 clients in their environments.

      We are seeing targets of millions of Oauth2 clients and this creates a number of problems in our current SMS/Agent architecture that is used to register and maintain these.

      This can be avoided by choosing a 1-to-many mapping of clients which has the advantage of keeping clients manageable and easier to administer. It greatly simplifies revoking all tokens for example.

      However if the more cumbersome 1:1 mapping is chosen then we do hit a number of scalability issues.
      For example:
      We have seen issues with performance of searches (OPENAM-3996,OPENAM-11944)
      The UI does not handle this large numbers well (OPENAM-12156)
      Additionally Agents/Clients are stored in in-memory caches that, at this scale, cause heap sizing problems.

      We should revisit the way we register and store Oauth2 clients with an aim to address these concerns.

        Attachments

        1. custom-1000sec-2gheap.png
          custom-1000sec-2gheap.png
          42 kB
        2. custom-10mins.png
          custom-10mins.png
          74 kB
        3. OPENAM-15406_OPENAM-3996.diff
          65 kB
        4. vanilla-1000sec-2gheap.png
          vanilla-1000sec-2gheap.png
          115 kB
        5. vanilla-10mins.png
          vanilla-10mins.png
          74 kB

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                jonthomas Jonathan Thomas
              • Votes:
                2 Vote for this issue
                Watchers:
                12 Start watching this issue

                Dates

                • Created:
                  Updated: