Uploaded image for project: 'mod-authtoken'
  1. mod-authtoken
  2. MODAT-83

SPIKE: investigate authentication performance optimizations continued.



    • CP: sprint 92, CP: sprint 95, CP: sprint 96, CP: sprint 97
    • Core: Platform


      This is a continuation of MODAT-80, which was split because it spanned more than one sprint.

      See [https://wiki.folio.org/pages/viewpage.action?pageId=36581623|MODAT-80/83 - Auth Performance Improvements] for current spike progress

      We are expecting that the authentication overhead (the time it takes for Okapi to call mod-authtoken during the "auth" filter phase for /*) is substantial. If this is confirmed by OKAPI-860 and PTF measurements we need to investigate potential optimisations to minimize this overhead.

      In the past we have (roughly) discussed different potential approaches:

      • cache and re-use authentication tokens for module-to-module calls (for the same endpoint-modulePermissions pair)
      • merge mod-authtoken with Okapi (as an internal module) (TODO link the Okapi caching ticket)
      • modify internal API between Okapi and mod-authtoken to be able to provide more caching within mod-authtoken (e.g make mod-authtoken responsible for retrieving module permissions (or complete MDs) and cache tokens localy)*

      We would like to introduce the optimization in a way that is as transparent to FOLIO modules as possible and does not require fundamental changes to the authentication/authorization model. We may need to change certain aspects of existing behavior, e.g the fact that module-to-module communication "inherits" initial user permissions, to benefit from more aggressive token caching and re-use.

      Expected output:

      • Wiki page updated
      • Cache topic only

      TestRail: Results


          Issue Links



                cmcnally Craig McNally
                cmcnally Craig McNally
                0 Vote for this issue
                3 Start watching this issue



                  TestRail: Runs

                    TestRail: Cases