jackrabbit-oak-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Deparvu (JIRA)" <j...@apache.org>
Subject [jira] [Created] (OAK-7860) Make PermissionEntryCache more resilient against OOME
Date Wed, 24 Oct 2018 09:58:00 GMT
Alex Deparvu created OAK-7860:

             Summary: Make PermissionEntryCache more resilient against OOME
                 Key: OAK-7860
                 URL: https://issues.apache.org/jira/browse/OAK-7860
             Project: Jackrabbit Oak
          Issue Type: Improvement
          Components: core
            Reporter: Alex Deparvu
            Assignee: Alex Deparvu

The PermissionEntryProviderImpl (one instance per session) is responsible for serving the
permission entries. It can be backed by 2 different types of caches:

* the {{PathEntryMapCache}} which is simply a map that eagerly loads all existing permissions
for a session (aka. set of principals). Used only if there are less than 250 total entries
per session (all principals combined).
* The {{DefaultPermissionCache}} backed by the {{PermissionEntryCache}}. this is the fallback
for the cases where the above is too expensive to use.

In some cases, even if the number of permission entries per principal is not too large, a
session that accumulates large numbers of group principals (I've seen over 700 in one internal
case), will always fallback to use the {{PermissionEntryCache}}.

The {{PermissionEntryCache}} is a cache that is using the principal as a key and the permission
entries as values. It is aggregating 2 different types of data:
* Existing policies: maps principals to paths with (their) existing policies (regular cache
* but it also retains paths without any relevant policies for the current session, as empty
sets [0]. being a cache keyed on the 'principal', this placeholder for empty policies will
be set for each principal.
I believe this second part can be responsible for a large memory footprint, which can also
be amplified by the very large number of principals in the session.

I would like to propose separating the 2 sets contained in the cache, putting the non-relevant
paths in a dedicated map with a fixed size.

[0] https://github.com/apache/jackrabbit-oak/blob/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java#L74

This message was sent by Atlassian JIRA

View raw message