syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Isuranga Perera <>
Subject Token creation is not thread safe
Date Mon, 09 Apr 2018 05:07:25 GMT
Hi All,

Token create method in AccessTokenDataBinderImpl[1] is not thread safe.
This could result in several problems including

   - Exist 2 different access token for a particular user at a given time
   which may result in an exception thrown by method call[2] since it expects
   a single token a given user.

In addition to that token replace is implemented as a combination of 2
different functionalities. Since the method is not thread safe this may
cause some unexpected behaviors (since there can be 2 tokens exist for a
particular user. same scenario as above).

Appreciate your insight on the $subject.



Best Regards
Isuranga Perera

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message