C# IdentityServer4 的带宽

huangapple go评论71阅读模式
英文:

Bandwidth for C# IdentityServer4

问题

我已继承了一个遗留应用程序,该应用程序使用C#实现的IdentityServer4来处理其OAuth工作。

最近,我们开始看到性能大幅下降,没有进行任何更改,并且有时AWS服务器完全失败,该OAuth应用程序在其上运行。

唯一的变化是我们现在在应用程序中获得了显著更多的流量。

查看日志,我看到客户端应用程序在用户每秒登录时都会访问introspection端点。据我所知,introspection端点的意图是检查令牌状态。每秒都访问这个端点似乎非常不合理,这是常见的做法吗?

我只是想对传统用例有一些明确的了解。

英文:

I've inherited a legacy application that utilizes a C# implementation of IdentityServer4 to handle its OAuth work.

Recently we've started to see a lot of degradation in performance, with no changes made, and sometimes full failure of the AWS server that the OAuth app runs on.

The only change is that we are getting significantly more traffic in the app now.

Looking at the logs, I'm seeing the client app hitting the introspection endpoint per user every second that they are logged in. As far as I could find, the intention behind the introspection endpoint is to check the token status. It seems very wrong that this would be hit every single second, is this a common practice?

I'm just looking for some clarity on a traditional use case.

答案1

得分: 0

原因是OAuth服务器上日志记录的状态。原来的所有者打开了详细日志记录,导致OAuth服务器的内存纯粹是来自日志文件输出的。我们通过将日志记录减少到仅包含错误信息来解决了这个问题。

英文:

The reason for this was the status of the logging on the OAuth server. It turned out that the previous owner had turned on verbose logging and memory was filling on the OAuth server purely from the log file output.

We solved it by reducing the logging to pure errors only.

huangapple
  • 本文由 发表于 2023年6月29日 04:35:55
  • 转载请务必保留本文链接:https://go.coder-hub.com/76576547.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定