Commit during login may fail and causing later errors
During the login process, a new session updates the account’s last login time, write-locks the security data information. and commits. In scenarios with many logins occurring simultaneously, the write lock may fail or be dirty, or the commit may fail. The code did not handle these scenarios and several subsequent problems could occur:
- The first user commit after login by the new session may fail, since no abort was done following the failed commit.
- The write lock may remain on the security data information.
- User information, such as login count, may not get updated. This affects results such as number of logins permitted before a password change is required.
Last updated: 10/16/08