Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-28360

metric nuxeo.web.authentication.logged-users should take sessions expiration into account

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 7.10, 8.10, 9.10, 10.10
    • Fix Version/s: QualifiedToSchedule
    • Component/s: Authentication

      Description

      The implementation of the metric nuxeo.web.authentication.logged-users does not apparently match its semantic:

      in the common case of web session timeout expiration or TOKEN_AUTH authentication, this metric is not enabling to decipher how many users are currently logged on a Nuxeo server: the metric is showing at least as many logged on users, and maybe more (which is often the case)

      Except in the case of an explicit user logout, the metric is ever increasing, never decreasing.

      Expected result: the metric nuxeo.web.authentication.logged-users show an accurate number of currently logged-on users

      Possible improvement: The counter could be made cluster-aware or cluster-wide

      Other possibility; no change in implementation but making clear what the semantics of the counter is

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              pabgrall Patrick Abgrall
              Participants:
            • Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:

                PagerDuty

                Error rendering 'com.pagerduty.jira-server-plugin:PagerDuty'. Please contact your Jira administrators.