Details
-
Improvement
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
1.6.5, 1.7.0, 1.7.1
-
None
-
None
Description
The VisibilityEvaluator created by the VisibilityConstraint uses the tablet server's SecurityOperations to determine if the user has authorizations for tokens within the visibility expression. This results in an authentication check per token that is evaluated and can lead to the following performance issues.
- flooding of audit logs since each authentication check produces an audit message
- excessive object creation due to deserialization of user credentials for each authentication check
- mild contention between client pool threads over the ZooCache