Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-3226

Creating a realm may cause duplicate delegation privilege entries to be written to datastore if multiple servers are running

    XMLWordPrintable

    Details

    • Rank:
      1|hzo533:
    • Support Ticket IDs:

      Description

      This is similar to OPENAM-1816.
      when you create organization/realm
      it sends out notification and that notification will trigger DelegationPrivilege to be created
      When the realm is created and if there are more than one OpenAM servers, each openam instance will receive realm created event via persistent search.
      That event will eventually trigger objectChanged event in each OpenAM instance and create conflict which OpenDJ will try to resolve by renaming the entry as "entryuuid=xxx"

      OpenDJ access log:
      [18/Oct/2013:11:57:33 -0500] ADD REQ conn=-1 op=22269 msgID=22270 dn="entryuuid=eedbe29a-7d54-464f-ab26-e82297ac1524+ou=o=test-realm^o=admin^ou=services^dc=openam^dc=forgerock^dc=org^^PolicyAdmin,ou=Policies,ou=default,ou=OrganizationConfig,ou=1.0,ou=iPlanetAMPolicyService,ou=services,o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=openam,dc=forgerock,dc=org" type=synchronization

      Relevant stacktrace:
      Thread [smIdmThreadPool] (Suspended (breakpoint at line 440 in DataStore))
      DataStore.add(Subject, String, Privilege) line: 440
      OpenSSOIndexStore.add(Privilege) line: 223
      OpenSSOIndexStore.add(Set<IPrivilege>) line: 211
      PolicyManager.addPolicy(Policy) line: 616
      DelegationPolicyImpl.addPrivilege(SSOToken, String, DelegationPrivilege) line: 343
      DelegationManager.addPrivilege(DelegationPrivilege) line: 272
      DelegationUtils.copyRealmPrivilegesFromParent(SSOToken, OrganizationConfigManager, OrganizationConfigManager) line: 193
      SMServiceListener.organizationConfigChanged(String, String, String, String, String, int) line: 150
      ServiceConfigManagerImpl.notifyOrgConfigChange(String, String, String, int) line: 488
      ServiceConfigManagerImpl.objectChanged(String, int) line: 448
      SMSNotificationManager.sendNotifications(String, int, boolean) line: 289
      SMSNotificationManager$LocalChangeNotifcationTask.run() line: 365
      ThreadPool$WorkerThread.run() line: 306

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              sachiko Sachiko Wallace
              Reporter:
              sachiko Sachiko Wallace
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: