Comments (14)
`int NOT NULL IDENTITY` will max out after 2 billion sessions have been created. Do you expect to have more than 2 billion sessions (user logins)?
from identityserver.
If you will have 10 million sessions created daily, that would indeed deplete the session store in less than one year.
We will look into it.
from identityserver.
@TLYoz We have looked at this and this is indeed something we overlooked in the design. We are looking into possibilities to change the Id to a long, but we need to be careful with how it would affect existing deployments.
It is also worth noting that the `Id` is only present on the entity we ship as part of our EF package. Internally IdentityServer uses a `string` key. Someone implementing their own storage layer is not affected by the `int` limitation.
from identityserver.
OK. We are using your EF package. But if it is a string internally, why not use a guid, or are you concerned about insert performance and re-indexing?
from identityserver.
So, the other question: as it states this is enabled by default in 6.1, what steps can we take to disable it so this overrun can't occur?
from identityserver.
Also, if we run the migration script using BIGINT, does anyone foresee any issues with us using your underlying EF module with an Int32 in the DTO (obviously I understand the overrun)? The code will be easier to change than upgrading the table later.
from identityserver.
> OK. We are using your EF package. But if it is a string internally, why not use a guid, or are you concerned about insert performance and re-indexing?

That's right - our provider doesn't know which database it is being used on, but some will do a lot better with a numeric id.
from identityserver.
> So, the other question: as it states this is enabled by default in 6.1, what steps can we take to disable it so this overrun can't occur?

Server side sessions are only enabled if you explicitly enable them and add the services to DI. Maybe there's something incorrect or misleading elsewhere in the docs - can you point me at what you're looking at in the docs please?
from identityserver.
> OK. We are using your EF package. But if it is a string internally, why not use a guid, or are you concerned about insert performance and re-indexing?

Guids generated by EF Core's ValueGenerator cause fragmentation issues in a webfarm/with parallel inserts as those Guids are not sequential.
from identityserver.
If/when we do this, I think it requires lots of docs around the actual DB update for systems that have no downtime. Think about what the default migrations look like and how that would compare to an actual large-scale system and how appropriate/inappropriate it would be. Perhaps either advise that the DBA do something to help migrate, or an example of a custom store that handles the migration record by record?
from identityserver.
The impact of changing the data type depends on the database engine and volume of records. Most deployments should have some less busy hours where it is possible to run a simple alter column command and change the data type.
For deployments where that would cause unacceptable downtime, the solution is dependent on the DB engine used and should be handled by a custom database migration script. For example, SQL Server Enterprise Edition has an online index rebuild feature that should allow this change to be run without interrupting access to the table.
from identityserver.
> For deployments where that would cause unacceptable downtime, the solution is dependent on the DB engine used and should be handled by a custom database migration script. For example, SQL Server Enterprise Edition has an online index rebuild feature that should allow this change to be run without interrupting access to the table.

Did we open an issue then to document this?
from identityserver.
> > For deployments where that would cause unacceptable downtime, the solution is dependent on the DB engine used and should be handled by a custom database migration script. For example, SQL Server Enterprise Edition has an online index rebuild feature that should allow this change to be run without interrupting access to the table.
>
> Did we open an issue then to document this?

I included it in DuendeSoftware/docs.duendesoftware.com#368
from identityserver.
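The concern raised in this thread, an `int` identity key running out on a busy table, can be watched for on SQL Server with a catalog query. This is an added example, not code from the thread or from IdentityServer; it assumes SQL Server, a positive identity increment and a hypothetical 70% alert threshold, and it checks every identity column in the database rather than only the session table.

```sql
-- Added example (not from the thread). SQL Server / T-SQL.
-- Reports identity columns that have consumed a large share of their type's range.
-- IDENTITY values are not reused when rows are deleted, so cleaning up expired
-- rows does not restore headroom; only last_value versus the type maximum matters.
DECLARE @warn_pct float = 70.0;  -- assumed alert threshold, tune per environment

WITH identity_usage AS (
    SELECT
        OBJECT_SCHEMA_NAME(ic.object_id)       AS table_schema,
        OBJECT_NAME(ic.object_id)              AS table_name,
        ic.name                                AS column_name,
        t.name                                 AS type_name,
        CONVERT(decimal(38, 0), ic.last_value) AS last_value,  -- NULL before the first insert
        CASE t.name
            WHEN 'tinyint'  THEN CONVERT(decimal(38, 0), 255)
            WHEN 'smallint' THEN CONVERT(decimal(38, 0), 32767)
            WHEN 'int'      THEN CONVERT(decimal(38, 0), 2147483647)
            WHEN 'bigint'   THEN CONVERT(decimal(38, 0), 9223372036854775807)
        END                                    AS max_value    -- NULL for decimal/numeric keys
    FROM sys.identity_columns AS ic
    JOIN sys.types AS t
      ON t.user_type_id = ic.system_type_id   -- resolve the base system type name
    WHERE OBJECTPROPERTY(ic.object_id, 'IsUserTable') = 1
)
SELECT
    table_schema,
    table_name,
    column_name,
    type_name,
    last_value,
    max_value - last_value AS values_remaining,
    CONVERT(decimal(5, 2),
            100.0 * CONVERT(float, last_value) / CONVERT(float, max_value)) AS pct_used
FROM identity_usage
WHERE max_value IS NOT NULL
  AND last_value IS NOT NULL
  AND 100.0 * CONVERT(float, last_value) / CONVERT(float, max_value) >= @warn_pct
ORDER BY pct_used DESC;
```

Dividing `values_remaining` by the observed daily insert rate gives the time left before inserts into that table start failing.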