英文:
Bandwidth for C# IdentityServer4
问题
我已继承了一个遗留应用程序,该应用程序使用C#实现的IdentityServer4来处理其OAuth工作。
最近,我们开始看到性能大幅下降,没有进行任何更改,并且有时AWS服务器完全失败,该OAuth应用程序在其上运行。
唯一的变化是我们现在在应用程序中获得了显著更多的流量。
查看日志,我看到客户端应用程序在用户每秒登录时都会访问introspection端点。据我所知,introspection端点的意图是检查令牌状态。每秒都访问这个端点似乎非常不合理,这是常见的做法吗?
我只是想对传统用例有一些明确的了解。
英文:
I've inherited a legacy application that utilizes a C# implementation of IdentityServer4 to handle its OAuth work.
Recently we've started to see a lot of degradation in performance, with no changes made, and sometimes full failure of the AWS server that the OAuth app runs on.
The only change is that we are getting significantly more traffic in the app now.
Looking at the logs, I'm seeing the client app hitting the introspection endpoint per user every second that they are logged in. As far as I could find, the intention behind the introspection endpoint is to check the token status. It seems very wrong that this would be hit every single second, is this a common practice?
I'm just looking for some clarity on a traditional use case.
答案1
得分: 0
原因是OAuth服务器上日志记录的状态。原来的所有者打开了详细日志记录,导致OAuth服务器的内存纯粹是来自日志文件输出的。我们通过将日志记录减少到仅包含错误信息来解决了这个问题。
英文:
The reason for this was the status of the logging on the OAuth server. It turned out that the previous owner had turned on verbose logging and memory was filling on the OAuth server purely from the log file output.
We solved it by reducing the logging to pure errors only.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论