Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JWT Token builder bottleneck for internal communication #10889

Closed
davseitsev opened this issue Feb 1, 2022 · 6 comments · Fixed by #10954
Closed

JWT Token builder bottleneck for internal communication #10889

davseitsev opened this issue Feb 1, 2022 · 6 comments · Fixed by #10954

Comments

@davseitsev
Copy link

davseitsev commented Feb 1, 2022
edited
Loading

After upgrade from 346 to 367 we started to experience significant performance issues. Number of currently running queries dropped from 120 to 30-70 (green line). Number of blocked queries increased from 0-1 to 10-50 (purple line).

blocked-queries

We analyzed Java Flight Recorder and Thread dumps from coordinator. JFR shows that DefaultJwtBuilder.compact() takes about 10% of CPU.

image

There is a method LegacyService.loadFirst() which is called during token generation and which is the most expensive:

image

According to source code of the library:

https://github.com/jwtk/jjwt/blob/82189f8418d9bacad8b7df42a08ec203dc2df519/impl/src/main/java/io/jsonwebtoken/impl/DefaultJwtBuilder.java#L296-L301

This method is called to lookup for Serializer if there is no default one. And it seems to do it by scanning jar files.
Thread dump analysis showed that it's a bottleneck because 341 threads are blocked on java.io.RandomAccessFile:
image

Here is a stack trace of blocking thread:

ContinuousTaskStatusFetcher-20220201_082136_01542_tfn2d.2.45.0-2963
Stack Trace is:
java.lang.Thread.State: RUNNABLE
at java.io.RandomAccessFile.seek0([email protected]/Native Method)
at java.io.RandomAccessFile.seek([email protected]/RandomAccessFile.java:591)
at java.util.zip.ZipFile$Source.readAt([email protected]/ZipFile.java:1351)
- locked <0x00007f943e81ecc8> (a java.io.RandomAccessFile)
at java.util.zip.ZipFile$ZipFileInputStream.read([email protected]/ZipFile.java:1029)
- locked <0x00007fa893c23540> (a sun.net.www.protocol.jar.URLJarFile)
at java.util.zip.ZipFile$ZipFileInflaterInputStream.fill([email protected]/ZipFile.java:469)
at java.util.zip.InflaterInputStream.read([email protected]/InflaterInputStream.java:159)
at java.io.InputStream.readNBytes([email protected]/InputStream.java:490)
at java.util.jar.JarFile.getBytes([email protected]/JarFile.java:813)
at java.util.jar.JarFile.checkForSpecialAttributes([email protected]/JarFile.java:1013)
- locked <0x00007fa893c23540> (a sun.net.www.protocol.jar.URLJarFile)
at java.util.jar.JarFile.isMultiRelease([email protected]/JarFile.java:390)
at java.util.jar.JarFile.getEntry([email protected]/JarFile.java:515)
at sun.net.www.protocol.jar.URLJarFile.getEntry([email protected]/URLJarFile.java:131)
at sun.net.www.protocol.jar.JarURLConnection.connect([email protected]/JarURLConnection.java:137)
at sun.net.www.protocol.jar.JarURLConnection.getInputStream([email protected]/JarURLConnection.java:155)
at java.util.ServiceLoader$LazyClassPathLookupIterator.parse([email protected]/ServiceLoader.java:1165)
at java.util.ServiceLoader$LazyClassPathLookupIterator.nextProviderClass([email protected]/ServiceLoader.java:1206)
at java.util.ServiceLoader$LazyClassPathLookupIterator.hasNextService([email protected]/ServiceLoader.java:1221)
at java.util.ServiceLoader$LazyClassPathLookupIterator.hasNext([email protected]/ServiceLoader.java:1265)
at java.util.ServiceLoader$2.hasNext([email protected]/ServiceLoader.java:1300)
at java.util.ServiceLoader$3.hasNext([email protected]/ServiceLoader.java:1385)
at io.jsonwebtoken.impl.lang.Services.loadFirst(Services.java:110)
at io.jsonwebtoken.impl.lang.Services.loadFirst(Services.java:100)
at io.jsonwebtoken.impl.lang.LegacyServices.loadFirst(LegacyServices.java:21)
at io.jsonwebtoken.impl.DefaultJwtBuilder.compact(DefaultJwtBuilder.java:300)
at io.trino.server.InternalAuthenticationManager.generateJwt(InternalAuthenticationManager.java:122)
at io.trino.server.InternalAuthenticationManager.filterRequest(InternalAuthenticationManager.java:112)
at io.airlift.http.client.jetty.JettyHttpClient.applyRequestFilters(JettyHttpClient.java:679)
at io.airlift.http.client.jetty.JettyHttpClient.executeAsync(JettyHttpClient.java:640)
at io.trino.server.remotetask.ContinuousTaskStatusFetcher.scheduleNextRequest(ContinuousTaskStatusFetcher.java:156)
- locked <0x00007fa4fdcd6af0> (a io.trino.server.remotetask.ContinuousTaskStatusFetcher)
at io.trino.server.remotetask.ContinuousTaskStatusFetcher.success(ContinuousTaskStatusFetcher.java:176)
at io.trino.server.remotetask.ContinuousTaskStatusFetcher.success(ContinuousTaskStatusFetcher.java:53)
at io.trino.server.remotetask.SimpleHttpResponseHandler.onSuccess(SimpleHttpResponseHandler.java:49)
at io.trino.server.remotetask.SimpleHttpResponseHandler.onSuccess(SimpleHttpResponseHandler.java:27)
at com.google.common.util.concurrent.Futures$CallbackListener.run(Futures.java:1139)
at io.airlift.concurrent.BoundedExecutor.drainQueue(BoundedExecutor.java:80)
at io.airlift.concurrent.BoundedExecutor$$Lambda$12030/0x00007f8cbaad2040.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker([email protected]/ThreadPoolExecutor.java:1128)
at java.util.concurrent.ThreadPoolExecutor$Worker.run([email protected]/ThreadPoolExecutor.java:628)
at java.lang.Thread.run([email protected]/Thread.java:829)

The situation on workers are similar, 73 threads are blocked on java.io.RandomAccessFile
image

StackTrace of blocking thread:

exchange-client-18
Stack Trace is:
java.lang.Thread.State: RUNNABLE
at java.io.RandomAccessFile.seek0([email protected]/Native Method)
at java.io.RandomAccessFile.seek([email protected]/RandomAccessFile.java:591)
at java.util.zip.ZipFile$Source.readAt([email protected]/ZipFile.java:1351)
- locked <0x00007f4a48e3c618> (a java.io.RandomAccessFile)
at java.util.zip.ZipFile$ZipFileInputStream.read([email protected]/ZipFile.java:1029)
- locked <0x00007f5e83b59b40> (a sun.net.www.protocol.jar.URLJarFile)
at java.util.zip.ZipFile$ZipFileInflaterInputStream.fill([email protected]/ZipFile.java:469)
at java.util.zip.InflaterInputStream.read([email protected]/InflaterInputStream.java:159)
at java.io.InputStream.readNBytes([email protected]/InputStream.java:490)
at java.util.jar.JarFile.getBytes([email protected]/JarFile.java:819)
at java.util.jar.JarFile.checkForSpecialAttributes([email protected]/JarFile.java:1019)
- locked <0x00007f5e83b59b40> (a sun.net.www.protocol.jar.URLJarFile)
at java.util.jar.JarFile.isMultiRelease([email protected]/JarFile.java:392)
at java.util.jar.JarFile.getEntry([email protected]/JarFile.java:517)
at sun.net.www.protocol.jar.URLJarFile.getEntry([email protected]/URLJarFile.java:131)
at sun.net.www.protocol.jar.JarURLConnection.connect([email protected]/JarURLConnection.java:137)
at sun.net.www.protocol.jar.JarURLConnection.getInputStream([email protected]/JarURLConnection.java:155)
at java.util.ServiceLoader$LazyClassPathLookupIterator.parse([email protected]/ServiceLoader.java:1165)
at java.util.ServiceLoader$LazyClassPathLookupIterator.nextProviderClass([email protected]/ServiceLoader.java:1206)
at java.util.ServiceLoader$LazyClassPathLookupIterator.hasNextService([email protected]/ServiceLoader.java:1221)
at java.util.ServiceLoader$LazyClassPathLookupIterator.hasNext([email protected]/ServiceLoader.java:1265)
at java.util.ServiceLoader$2.hasNext([email protected]/ServiceLoader.java:1300)
at java.util.ServiceLoader$3.hasNext([email protected]/ServiceLoader.java:1385)
at io.jsonwebtoken.impl.lang.Services.loadFirst(Services.java:110)
at io.jsonwebtoken.impl.lang.Services.loadFirst(Services.java:100)
at io.jsonwebtoken.impl.lang.LegacyServices.loadFirst(LegacyServices.java:21)
at io.jsonwebtoken.impl.DefaultJwtBuilder.compact(DefaultJwtBuilder.java:300)
at io.trino.server.InternalAuthenticationManager.generateJwt(InternalAuthenticationManager.java:122)
at io.trino.server.InternalAuthenticationManager.filterRequest(InternalAuthenticationManager.java:112)
at io.airlift.http.client.jetty.JettyHttpClient.applyRequestFilters(JettyHttpClient.java:679)
at io.airlift.http.client.jetty.JettyHttpClient.executeAsync(JettyHttpClient.java:640)
at io.trino.operator.HttpPageBufferClient.sendGetResults(HttpPageBufferClient.java:339)
- locked <0x00007f5b6c4b7b68> (a io.trino.operator.HttpPageBufferClient)
at io.trino.operator.HttpPageBufferClient.initiateRequest(HttpPageBufferClient.java:330)
- locked <0x00007f5b6c4b7b68> (a io.trino.operator.HttpPageBufferClient)
at io.trino.operator.HttpPageBufferClient.lambda$scheduleRequest$0(HttpPageBufferClient.java:307)
at io.trino.operator.HttpPageBufferClient$$Lambda$1624/0x00007f47418ee040.run(Unknown Source)
at java.util.concurrent.Executors$RunnableAdapter.call([email protected]/Executors.java:515)
at java.util.concurrent.FutureTask.run([email protected]/FutureTask.java:264)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run([email protected]/ScheduledThreadPoolExecutor.java:304)
at java.util.concurrent.ThreadPoolExecutor.runWorker([email protected]/ThreadPoolExecutor.java:1128)
at java.util.concurrent.ThreadPoolExecutor$Worker.run([email protected]/ThreadPoolExecutor.java:628)
at java.lang.Thread.run([email protected]/Thread.java:829)

To prove the issue we have changed the code of InternalAuthenticationManager

trino/core/trino-main/src/main/java/io/trino/server/InternalAuthenticationManager.java

Lines 116 to 133 in 27728e6

private String generateJwt()
{
return Jwts.builder()
.signWith(hmac)
.setSubject(nodeId)
.setExpiration(Date.from(ZonedDateTime.now().plusMinutes(5).toInstant()))
.compact();
}
private String parseJwt(String jwt)
{
return Jwts.parserBuilder()
.setSigningKey(hmac)
.build()
.parseClaimsJws(jwt)
.getBody()
.getSubject();
}

we added default serialzier

Jwts.builder()
.serializeToJsonWith(new JacksonSerializer<>())

and deserializer

Jwts.builder()
.deserializeJsonWith(new JacksonDeserializer<>())

It fixed our problem, running queries is ~120 and stable and there is no blocked.

image

Jwts.builder() is also used in OAuth2Service, FormWebUiAuthenticationFilter, JsonWebTokenHandler and may also cause some issues but we haven't investigated it.
@findepi
Copy link
Member

findepi commented Feb 1, 2022

cc @kokosing @lukasz-walkiewicz

@kokosing
Copy link
Member

kokosing commented Feb 2, 2022

Thank you for reporting this and for a great analysis. We will take a look into it.

@lukasz-walkiewicz
Copy link
Member

Thanks for the detailed report. It looks like a regression introduced by io.jsonwebtoken:jjwt upgrade 37c7d22. At first glance jwtk/jjwt@7037d64 looks to be the culprit. That said, I agree using a dedicated serializer makes perfect sense.

@davseitsev
Copy link
Author

Actually it's only part of the problems caused by io.jsonwebtoken:jjwt library, we will update later here.

@sshkvar
Copy link
Contributor

sshkvar commented Feb 3, 2022
edited
Loading

We found few additional problematic places which affects cluster performance

stackTrace:
java.lang.Thread.State: BLOCKED (on object monitor)
at java.util.zip.ZipFile$Source.readFullyAt([email protected]/ZipFile.java:1334)
- waiting to lock <0x00007fa0ca826d40> (a java.io.RandomAccessFile)
at java.util.zip.ZipFile$ZipFileInputStream.initDataOffset([email protected]/ZipFile.java:1004)
at java.util.zip.ZipFile$ZipFileInputStream.read([email protected]/ZipFile.java:1019)
- locked <0x00007fb6fe981178> (a sun.net.www.protocol.jar.URLJarFile)
at java.util.zip.ZipFile$ZipFileInflaterInputStream.fill([email protected]/ZipFile.java:469)
at java.util.zip.InflaterInputStream.read([email protected]/InflaterInputStream.java:159)
at java.io.FilterInputStream.read([email protected]/FilterInputStream.java:133)
at sun.nio.cs.StreamDecoder.readBytes([email protected]/StreamDecoder.java:284)
at sun.nio.cs.StreamDecoder.implRead([email protected]/StreamDecoder.java:326)
at sun.nio.cs.StreamDecoder.read([email protected]/StreamDecoder.java:178)
- locked <0x00007fb6fe9830e8> (a java.io.InputStreamReader)
at java.io.InputStreamReader.read([email protected]/InputStreamReader.java:181)
at java.io.BufferedReader.fill([email protected]/BufferedReader.java:161)
at java.io.BufferedReader.readLine([email protected]/BufferedReader.java:326)
- locked <0x00007fb6fe9830e8> (a java.io.InputStreamReader)
at java.io.BufferedReader.readLine([email protected]/BufferedReader.java:392)
at java.util.ServiceLoader$LazyClassPathLookupIterator.parseLine([email protected]/ServiceLoader.java:1130)
at java.util.ServiceLoader$LazyClassPathLookupIterator.parse([email protected]/ServiceLoader.java:1170)
at java.util.ServiceLoader$LazyClassPathLookupIterator.nextProviderClass([email protected]/ServiceLoader.java:1206)
at java.util.ServiceLoader$LazyClassPathLookupIterator.hasNextService([email protected]/ServiceLoader.java:1221)
at java.util.ServiceLoader$LazyClassPathLookupIterator.hasNext([email protected]/ServiceLoader.java:1265)
at java.util.ServiceLoader$2.hasNext([email protected]/ServiceLoader.java:1300)
at java.util.ServiceLoader$3.hasNext([email protected]/ServiceLoader.java:1385)
at io.jsonwebtoken.impl.lang.Services.loadAll(Services.java:80)
at io.jsonwebtoken.impl.lang.Services.loadAll(Services.java:68)
at io.jsonwebtoken.impl.compression.DefaultCompressionCodecResolver.<init>(DefaultCompressionCodecResolver.java:60)
at io.jsonwebtoken.impl.DefaultJwtParserBuilder.<init>(DefaultJwtParserBuilder.java:58)
at jdk.internal.reflect.GeneratedConstructorAccessor91.newInstance(Unknown Source)
at jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance([email protected]/DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance([email protected]/Constructor.java:490)
at java.lang.Class.newInstance([email protected]/Class.java:584)
at io.jsonwebtoken.lang.Classes.newInstance(Classes.java:156)
at io.jsonwebtoken.lang.Classes.newInstance(Classes.java:136)
at io.jsonwebtoken.Jwts.parserBuilder(Jwts.java:130)
at io.trino.server.InternalAuthenticationManager.parseJwt(InternalAuthenticationManager.java:130)
at io.trino.server.InternalAuthenticationManager.handleInternalRequest(InternalAuthenticationManager.java:91)
at io.trino.server.security.ResourceSecurityDynamicFeature$InternalOnlyRequestFilter.filter(ResourceSecurityDynamicFeature.java:203)
at org.glassfish.jersey.server.ContainerFilteringStage.apply(ContainerFilteringStage.java:132)
at org.glassfish.jersey.server.ContainerFilteringStage.apply(ContainerFilteringStage.java:68)
at org.glassfish.jersey.process.internal.Stages.process(Stages.java:197)
at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:269)
at org.glassfish.jersey.internal.Errors$1.call(Errors.java:272)
at org.glassfish.jersey.internal.Errors$1.call(Errors.java:268)
at org.glassfish.jersey.internal.Errors.process(Errors.java:316)
at org.glassfish.jersey.internal.Errors.process(Errors.java:298)
at org.glassfish.jersey.internal.Errors.process(Errors.java:268)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:289)
at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:256)
at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:703)
at org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:416)
at org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:370)
at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:389)
at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:342)
at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:229)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799)
at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1631)
at io.airlift.http.server.TraceTokenFilter.doFilter(TraceTokenFilter.java:63)
at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
at io.airlift.http.server.TimingFilter.doFilter(TimingFilter.java:51)
at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:763)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146)
at org.eclipse.jetty.server.handler.StatisticsHandler.handle(StatisticsHandler.java:179)
at org.eclipse.jetty.server.handler.HandlerList.handle(HandlerList.java:59)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
at org.eclipse.jetty.server.Server.handle(Server.java:516)
at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:400)
at org.eclipse.jetty.server.HttpChannel$$Lambda$1178/0x00007f9e278b1440.dispatch(Unknown Source)
at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:645)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:392)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)
at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)
at java.lang.Thread.run([email protected]/Thread.java:829)

Problematic parts in Jwts.java

    public static JwtParserBuilder parserBuilder() {
        return (JwtParserBuilder)Classes.newInstance("io.jsonwebtoken.impl.DefaultJwtParserBuilder");
    }

    public static JwtBuilder builder() {
        return (JwtBuilder)Classes.newInstance("io.jsonwebtoken.impl.DefaultJwtBuilder");
    }

And DefaultCompressionCodecResolver.java also scanning Jar files too

 public DefaultCompressionCodecResolver() {
        Map<String, CompressionCodec> codecMap = new HashMap();
        Iterator i$ = Services.loadAll(CompressionCodec.class).iterator();
stackTrace:
java.lang.Thread.State: BLOCKED (on object monitor)
at java.util.zip.ZipFile$Source.readFullyAt([email protected]/ZipFile.java:1334)
- waiting to lock <0x00007eef33206a28> (a java.io.RandomAccessFile)
at java.util.zip.ZipFile$ZipFileInputStream.initDataOffset([email protected]/ZipFile.java:1004)
at java.util.zip.ZipFile$ZipFileInputStream.read([email protected]/ZipFile.java:1019)
- locked <0x00007f058d7c3350> (a sun.net.www.protocol.jar.URLJarFile)
at java.util.zip.ZipFile$ZipFileInflaterInputStream.fill([email protected]/ZipFile.java:469)
at java.util.zip.InflaterInputStream.read([email protected]/InflaterInputStream.java:159)
at java.io.InputStream.readNBytes([email protected]/InputStream.java:490)
at java.util.jar.JarFile.getBytes([email protected]/JarFile.java:819)
at java.util.jar.JarFile.checkForSpecialAttributes([email protected]/JarFile.java:1019)
- locked <0x00007f058d7c3350> (a sun.net.www.protocol.jar.URLJarFile)
at java.util.jar.JarFile.isMultiRelease([email protected]/JarFile.java:392)
at java.util.jar.JarFile.getEntry([email protected]/JarFile.java:517)
at sun.net.www.protocol.jar.URLJarFile.getEntry([email protected]/URLJarFile.java:131)
at sun.net.www.protocol.jar.JarURLConnection.connect([email protected]/JarURLConnection.java:137)
at sun.net.www.protocol.jar.JarURLConnection.getInputStream([email protected]/JarURLConnection.java:155)
at java.util.ServiceLoader$LazyClassPathLookupIterator.parse([email protected]/ServiceLoader.java:1165)
at java.util.ServiceLoader$LazyClassPathLookupIterator.nextProviderClass([email protected]/ServiceLoader.java:1206)
at java.util.ServiceLoader$LazyClassPathLookupIterator.hasNextService([email protected]/ServiceLoader.java:1221)
at java.util.ServiceLoader$LazyClassPathLookupIterator.hasNext([email protected]/ServiceLoader.java:1265)
at java.util.ServiceLoader$2.hasNext([email protected]/ServiceLoader.java:1300)
at java.util.ServiceLoader$3.hasNext([email protected]/ServiceLoader.java:1385)
at io.jsonwebtoken.impl.lang.Services.loadAll(Services.java:80)
at io.jsonwebtoken.impl.lang.Services.loadAll(Services.java:68)
at io.jsonwebtoken.impl.compression.DefaultCompressionCodecResolver.<init>(DefaultCompressionCodecResolver.java:60)
at io.jsonwebtoken.impl.DefaultJwtParser.<init>(DefaultJwtParser.java:72)
at io.jsonwebtoken.impl.DefaultJwtParserBuilder.build(DefaultJwtParserBuilder.java:194)
at io.trino.server.InternalAuthenticationManager.parseJwt(InternalAuthenticationManager.java:134)
at io.trino.server.InternalAuthenticationManager.handleInternalRequest(InternalAuthenticationManager.java:92)
at io.trino.server.security.ResourceSecurityDynamicFeature$InternalOnlyRequestFilter.filter(ResourceSecurityDynamicFeature.java:203)
at org.glassfish.jersey.server.ContainerFilteringStage.apply(ContainerFilteringStage.java:132)
at org.glassfish.jersey.server.ContainerFilteringStage.apply(ContainerFilteringStage.java:68)
at org.glassfish.jersey.process.internal.Stages.process(Stages.java:197)
at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:269)
at org.glassfish.jersey.internal.Errors$1.call(Errors.java:272)
at org.glassfish.jersey.internal.Errors$1.call(Errors.java:268)
at org.glassfish.jersey.internal.Errors.process(Errors.java:316)
at org.glassfish.jersey.internal.Errors.process(Errors.java:298)
at org.glassfish.jersey.internal.Errors.process(Errors.java:268)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:289)
at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:256)
at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:703)
at org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:416)
at org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:370)
at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:389)
at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:342)
at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:229)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799)
at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1631)
at io.airlift.http.server.TraceTokenFilter.doFilter(TraceTokenFilter.java:63)
at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
at io.airlift.http.server.TimingFilter.doFilter(TimingFilter.java:51)
at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:763)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146)
at org.eclipse.jetty.server.handler.StatisticsHandler.handle(StatisticsHandler.java:179)
at org.eclipse.jetty.server.handler.HandlerList.handle(HandlerList.java:59)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
at org.eclipse.jetty.server.Server.handle(Server.java:516)
at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:400)
at org.eclipse.jetty.server.HttpChannel$$Lambda$1151/0x00007eecbf19d840.dispatch(Unknown Source)
at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:645)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:392)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)
at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)
at java.lang.Thread.run([email protected]/Thread.java:829)

@hashhar hashhar mentioned this issue Feb 4, 2022
Merged
@JamesRTaylor
Copy link

FYI, another regression that you might be hitting as well occurred in 360. See #10839 and the subsequent commit (included in 370 release) here: eac0d01

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Avoid reflection and services lookup for JWT processing electrum/trino
6 participants
@findepi @davseitsev @sshkvar @JamesRTaylor @kokosing @lukasz-walkiewicz