Uploaded image for project: 'mod-authtoken'
  1. mod-authtoken
  2. MODAT-80

SPIKE: investigate authentication performance optimizations

    XMLWordPrintable

Details

    • CP: sprint 92, CP: sprint 94
    • Core: Platform

    Description

      We are expecting that the authentication overhead (the time it takes for Okapi to call mod-authtoken during the "auth" filter phase for /*) is substantial. If this is confirmed by OKAPI-860 and PTF measurements we need to investigate potential optimisations to minimize this overhead.

      In the past we have (roughly) discussed different potential approaches:

      • cache and re-use authentication tokens for module-to-module calls (for the same endpoint-modulePermissions pair)
      • merge mod-authtoken with Okapi (as an internal module) (TODO link the Okapi caching ticket)
      • modify internal API between Okapi and mod-authtoken to be able to provide more caching within mod-authtoken (e.g make mod-authtoken responsible for retrieving module permissions (or complete MDs) and cache tokens localy)

      We would like to introduce the optimization in a way that is as transparent to FOLIO modules as possible and does not require fundamental changes to the authentication/authorization model. We may need to change certain aspects of existing behavior, e.g the fact that module-to-module communication "inherits" initial user permissions, to benefit from more aggressive token caching and re-use.

      TestRail: Results

        Attachments

          Issue Links

            is cloned by

            Task - A task that needs to be done. MODAT-83 SPIKE: investigate authentication performance optimizations continued.

            • P2 - normal priority level, must be included in the current development cycle
            • Closed
            relates to

            Bug - A problem which impairs or prevents the functions of the product. MODAT-82 Replace linear search MainVerticle.LimitedSizeQueue

            • TBD - To be determined
            • Closed

            Story - Created by Jira Software - do not edit or delete. Issue type for a user story. OKAPI-860 Add HTTP (API calls, system calls) metrics to Okapi

            • P2 - normal priority level, must be included in the current development cycle
            • Closed

            Task - A task that needs to be done. MODAT-20 Experiment with caching of permissions

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed

            Task - A task that needs to be done. MODAT-51 investigate potential mod-authtoken performance issue

            • P2 - normal priority level, must be included in the current development cycle
            • Blocked

            Activity

              People

                cmcnally Craig McNally
                jakub Jakub Skoczen
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases