Details

    • Type: New Feature New Feature
    • Status: Closed Closed
    • Priority: Major Major
    • Resolution: Cannot Reproduce
    • Affects Version/s: 1.1
    • Fix Version/s: 1.2
    • Labels:
      None

      Description

      It is useful to have more statistics and some logging to be able to check system performance.

      See also the mail thread starting at http://wamblee.org/pipermail/flexiblejdbcrealm/2011-March/000028.html

        Activity

        Hide
        Erik Brakkee added a comment -
        Comment from Andreas:

        In everyday use we identified the following logging features as extremely useful:

        If log level is set to FINE, we would receive exactly one log entry per request to FlexibleJDBCRealm. The log entry would contain whether the query could be satisfied from cache or whether it had to go to the DB (in which case timing info would be shown, e.g. 150ms.) => this would allow to get a good feel of exactly how often authentication is run and it could help to decide as to whether one should authenticate with each call or use a sessionID, etc.

        The password would NOT be shown for confidentiality reasons.
        Show
        Erik Brakkee added a comment - Comment from Andreas: In everyday use we identified the following logging features as extremely useful: If log level is set to FINE, we would receive exactly one log entry per request to FlexibleJDBCRealm. The log entry would contain whether the query could be satisfied from cache or whether it had to go to the DB (in which case timing info would be shown, e.g. 150ms.) => this would allow to get a good feel of exactly how often authentication is run and it could help to decide as to whether one should authenticate with each call or use a sessionID, etc. The password would NOT be shown for confidentiality reasons.
        Hide
        Erik Brakkee added a comment -
        More general statistics:

            * number of times specific operations where called: getPassword, getSeed, getGroups
            * total time involved in database access per query.
            * total time involved per query (including caching and database access)
            * total number of cache hits per query
            * total number of failed password authentications
        Show
        Erik Brakkee added a comment - More general statistics:     * number of times specific operations where called: getPassword, getSeed, getGroups     * total time involved in database access per query.     * total time involved per query (including caching and database access)     * total number of cache hits per query     * total number of failed password authentications
        Hide
        Erik Brakkee added a comment -
        Failed password authentications will not be logged by flexible JDBC realm. Instead glassfish audit logging should be used.
        See for instance the Oracle Glassfish 3.1 security guide (http://download.oracle.com/docs/cd/E18930_01/html/821-2435/gksca.html)
        Show
        Erik Brakkee added a comment - Failed password authentications will not be logged by flexible JDBC realm. Instead glassfish audit logging should be used. See for instance the Oracle Glassfish 3.1 security guide ( http://download.oracle.com/docs/cd/E18930_01/html/821-2435/gksca.html )
        Hide
        Erik Brakkee added a comment -
        The following statistics have been implemented for an authentication repository:
        1. total duration
        2. number of successful attempts
        3. number of failed attempts

        The above three statistics are available for findPassword(), findSeed(), and findGroups().

        findPassword() and findGroups() are considered to fail when the user is unknown.
        findSeed() is only considered to fial when an exception is thrown (which should never occur in the implementation).

        Duration is in milliseconds.
        Show
        Erik Brakkee added a comment - The following statistics have been implemented for an authentication repository: 1. total duration 2. number of successful attempts 3. number of failed attempts The above three statistics are available for findPassword(), findSeed(), and findGroups(). findPassword() and findGroups() are considered to fail when the user is unknown. findSeed() is only considered to fial when an exception is thrown (which should never occur in the implementation). Duration is in milliseconds.

          People

          • Assignee:
            Erik Brakkee
            Reporter:
            Erik Brakkee
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: