yahoo-eng-team team mailing list archive

[qianxi <qianxi416@xxxxxx>]

Public bug reported:

Related bug:
https://bugs.launchpad.net/keystone/+bug/1819036
Related commit:
https://opendev.org/openstack/keystone/commit/a0e9efae720e4afb41c99f5b41933d62512825cd

The fix for bug 1819036 does elevate the performance by
reducing the validation of token to only once, but that
fix caches token in the AuthContextMiddleware, which will
cause some "race conditions" during the handle of request:
  New request arrives at the time of handling current
  request, then, new token will be cached in the middleware
  and current request's token is replaced.

I think it's because the middleware only initiates once
at the startup of keystone, and every request use the same
instance of that middleware class.

Env:
On stein:
python-keystone-14.0.0
openstack-keystone-14.0.0
keystonemiddleware-5.3.0


Thanks!

** Affects: keystone
     Importance: Undecided
         Status: New

** Description changed:

  Related bug:
  https://bugs.launchpad.net/keystone/+bug/1819036
  Related commit:
  https://opendev.org/openstack/keystone/commit/a0e9efae720e4afb41c99f5b41933d62512825cd
  
  The fix for bug 1819036 does elevate the performance by
  reducing the validation of token to only once, but that
  fix caches token in the AuthContextMiddleware, which will
  cause some "race conditions" during the handle of request:
-   New request arrives at the time of handling current
-   request, then, new token will be cached in the middleware
-   and current request's token is replaced.
+   New request arrives at the time of handling current
+   request, then, new token will be cached in the middleware
+   and current request's token is replaced.
  
- I think it's because the middleware only initiates once 
+ I think it's because the middleware only initiates once
  at the startup of keystone, and every request use the same
  instance of that middleware class.
  
+ Env:
+ On stein:
+ python-keystone-14.0.0
+ openstack-keystone-14.0.0
+ keystonemiddleware-5.3.0
+ 
+ 
  Thanks!

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1850087

Title:
  keystone: token replaced at auth_context middleware

Status in OpenStack Identity (keystone):
  New

Bug description:
  Related bug:
  https://bugs.launchpad.net/keystone/+bug/1819036
  Related commit:
  https://opendev.org/openstack/keystone/commit/a0e9efae720e4afb41c99f5b41933d62512825cd

  The fix for bug 1819036 does elevate the performance by
  reducing the validation of token to only once, but that
  fix caches token in the AuthContextMiddleware, which will
  cause some "race conditions" during the handle of request:
    New request arrives at the time of handling current
    request, then, new token will be cached in the middleware
    and current request's token is replaced.

  I think it's because the middleware only initiates once
  at the startup of keystone, and every request use the same
  instance of that middleware class.

  Env:
  On stein:
  python-keystone-14.0.0
  openstack-keystone-14.0.0
  keystonemiddleware-5.3.0

  
  Thanks!

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1850087/+subscriptions