Add support for user tracking in spring security #7633

Merged
merged 1 commit into from
Sep 29, 2024

@manuel-alvarez-alvarez manuel-alvarez-alvarez commented Sep 17, 2024

What Does This Do

Enables automatic user tracking on spring security 5 and 6. It also separates the tests for spring-security 5 and 6 so latestDepTest tasks can be added to validate newer versions of the framework.

Motivation

With the introduction of automated user login and signup events, and the different features to ensure customers are well in control of the information sent to Datadog, the next natural step is to extend this functionality to not only track login and signup events, but also track authenticated users in general.

Additional Notes

Contributor Checklist

Jira ticket: APPSEC-54936

@manuel-alvarez-alvarez manuel-alvarez-alvarez added the comp: asm waf Application Security Management (WAF) label Sep 17, 2024
@manuel-alvarez-alvarez manuel-alvarez-alvarez changed the base branch from master to malvarez/waf-session-fingerprint September 17, 2024 21:17
pr-commenter bot commented Sep 17, 2024

Benchmarks

Startup

Parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| git_branch | master | malvarez/waf-user-blocking |
| git_commit_date | 1727340475 | 1727349485 |
| git_commit_sha | 8ee4a5d | f063945 |
| release_version | 1.40.0-SNAPSHOT~8ee4a5d6dd | 1.40.0-SNAPSHOT~f063945952 |

See matching parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| application | insecure-bank | insecure-bank |
| ci_job_date | 1727352076 | 1727352076 |
| ci_job_id | 652462661 | 652462661 |
| ci_pipeline_id | 45201355 | 45201355 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| module | Agent | Agent |
| parent | None | None |
| variant | iast | iast |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 49 metrics, 14 unstable metrics.

Startup time reports for petclinic
[Gantt chart: petclinic - global startup overhead: candidate=1.40.0-SNAPSHOT~f063945952, baseline=1.40.0-SNAPSHOT~8ee4a5d6dd; sections: tracing, appsec, iast, profiling]
  • baseline results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.075 s | - |
| Agent | appsec | 1.202 s | 127.245 ms (11.8%) |
| Agent | iast | 1.209 s | 133.76 ms (12.4%) |
| Agent | profiling | 1.273 s | 197.482 ms (18.4%) |
| Total | tracing | 10.437 s | - |
| Total | appsec | 10.684 s | 246.596 ms (2.4%) |
| Total | iast | 10.873 s | 436.359 ms (4.2%) |
| Total | profiling | 10.611 s | 173.545 ms (1.7%) |

  • candidate results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.066 s | - |
| Agent | appsec | 1.207 s | 140.949 ms (13.2%) |
| Agent | iast | 1.204 s | 137.574 ms (12.9%) |
| Agent | profiling | 1.28 s | 213.976 ms (20.1%) |
| Total | tracing | 10.373 s | - |
| Total | appsec | 10.665 s | 292.235 ms (2.8%) |
| Total | iast | 10.835 s | 461.587 ms (4.4%) |
| Total | profiling | 10.595 s | 221.882 ms (2.1%) |
petclinic - break down per module: candidate=1.40.0-SNAPSHOT~f063945952, baseline=1.40.0-SNAPSHOT~8ee4a5d6dd

| Section | Module | Baseline | Candidate |
|---|---|---|---|
| tracing | BytebuddyAgent | 685.966 ms | 680.11 ms |
| tracing | GlobalTracer | 312.583 ms | 309.992 ms |
| tracing | AppSec | 54.46 ms | 53.944 ms |
| tracing | Remote Config | 675.637 µs | 663.983 µs |
| tracing | Telemetry | 7.754 ms | 7.686 ms |
| appsec | BytebuddyAgent | 702.692 ms | 705.591 ms |
| appsec | GlobalTracer | 303.65 ms | 304.886 ms |
| appsec | AppSec | 163.637 ms | 163.364 ms |
| appsec | Remote Config | 655.634 µs | 643.85 µs |
| appsec | Telemetry | 7.838 ms | 8.524 ms |
| appsec | IAST | 20.602 ms | 20.579 ms |
| iast | BytebuddyAgent | 804.044 ms | 801.08 ms |
| iast | GlobalTracer | 303.859 ms | 301.894 ms |
| iast | AppSec | 54.818 ms | 55.432 ms |
| iast | Remote Config | 597.589 µs | 605.206 µs |
| iast | Telemetry | 7.104 ms | 7.048 ms |
| iast | IAST | 24.704 ms | 23.754 ms |
| profiling | ProfilingAgent | 96.882 ms | 97.945 ms |
| profiling | BytebuddyAgent | 678.712 ms | 681.506 ms |
| profiling | GlobalTracer | 395.24 ms | 398.21 ms |
| profiling | AppSec | 54.687 ms | 55.002 ms |
| profiling | Remote Config | 652.824 µs | 681.978 µs |
| profiling | Telemetry | 7.503 ms | 7.617 ms |
| profiling | Profiling | 96.906 ms | 97.969 ms |
Startup time reports for insecure-bank
[Gantt chart: insecure-bank - global startup overhead: candidate=1.40.0-SNAPSHOT~f063945952, baseline=1.40.0-SNAPSHOT~8ee4a5d6dd; sections: tracing, iast, iast_HARDCODED_SECRET_DISABLED, iast_TELEMETRY_OFF]
  • baseline results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.07 s | - |
| Agent | iast | 1.191 s | 120.631 ms (11.3%) |
| Agent | iast_HARDCODED_SECRET_DISABLED | 1.202 s | 132.255 ms (12.4%) |
| Agent | iast_TELEMETRY_OFF | 1.192 s | 121.736 ms (11.4%) |
| Total | tracing | 8.604 s | - |
| Total | iast | 8.999 s | 394.387 ms (4.6%) |
| Total | iast_HARDCODED_SECRET_DISABLED | 9.01 s | 405.187 ms (4.7%) |
| Total | iast_TELEMETRY_OFF | 9.08 s | 475.592 ms (5.5%) |

  • candidate results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.072 s | - |
| Agent | iast | 1.2 s | 128.438 ms (12.0%) |
| Agent | iast_HARDCODED_SECRET_DISABLED | 1.196 s | 124.551 ms (11.6%) |
| Agent | iast_TELEMETRY_OFF | 1.192 s | 120.363 ms (11.2%) |
| Total | tracing | 8.566 s | - |
| Total | iast | 9.058 s | 492.506 ms (5.7%) |
| Total | iast_HARDCODED_SECRET_DISABLED | 9.041 s | 475.132 ms (5.5%) |
| Total | iast_TELEMETRY_OFF | 9.022 s | 456.366 ms (5.3%) |
insecure-bank - break down per module: candidate=1.40.0-SNAPSHOT~f063945952, baseline=1.40.0-SNAPSHOT~8ee4a5d6dd

| Section | Module | Baseline | Candidate |
|---|---|---|---|
| tracing | BytebuddyAgent | 682.462 ms | 683.668 ms |
| tracing | GlobalTracer | 311.231 ms | 311.653 ms |
| tracing | AppSec | 54.163 ms | 54.211 ms |
| tracing | Remote Config | 677.328 µs | 663.522 µs |
| tracing | Telemetry | 7.663 ms | 7.742 ms |
| iast | BytebuddyAgent | 792.432 ms | 799.66 ms |
| iast | GlobalTracer | 298.542 ms | 300.656 ms |
| iast | AppSec | 55.532 ms | 55.872 ms |
| iast | IAST | 22.663 ms | 22.332 ms |
| iast | Remote Config | 623.01 µs | 623.722 µs |
| iast | Telemetry | 6.999 ms | 7.108 ms |
| iast_HARDCODED_SECRET_DISABLED | BytebuddyAgent | 799.908 ms | 793.194 ms |
| iast_HARDCODED_SECRET_DISABLED | GlobalTracer | 301.08 ms | 301.67 ms |
| iast_HARDCODED_SECRET_DISABLED | AppSec | 51.582 ms | 53.237 ms |
| iast_HARDCODED_SECRET_DISABLED | IAST | 27.212 ms | 26.565 ms |
| iast_HARDCODED_SECRET_DISABLED | Remote Config | 619.825 µs | 632.859 µs |
| iast_HARDCODED_SECRET_DISABLED | Telemetry | 7.886 ms | 7.151 ms |
| iast_TELEMETRY_OFF | BytebuddyAgent | 791.07 ms | 791.566 ms |
| iast_TELEMETRY_OFF | GlobalTracer | 300.906 ms | 300.615 ms |
| iast_TELEMETRY_OFF | AppSec | 53.779 ms | 56.976 ms |
| iast_TELEMETRY_OFF | IAST | 24.441 ms | 21.581 ms |
| iast_TELEMETRY_OFF | Remote Config | 630.987 µs | 610.884 µs |
| iast_TELEMETRY_OFF | Telemetry | 7.015 ms | 6.887 ms |

Load

Parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| end_time | 2024-09-26T11:31:49 | 2024-09-26T11:38:39 |
| git_branch | master | malvarez/waf-user-blocking |
| git_commit_date | 1727340475 | 1727349485 |
| git_commit_sha | 8ee4a5d | f063945 |
| release_version | 1.40.0-SNAPSHOT~8ee4a5d6dd | 1.40.0-SNAPSHOT~f063945952 |
| start_time | 2024-09-26T11:31:36 | 2024-09-26T11:38:25 |

See matching parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| application | insecure-bank | insecure-bank |
| ci_job_date | 1727351064 | 1727351064 |
| ci_job_id | 652462662 | 652462662 |
| ci_pipeline_id | 45201355 | 45201355 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| variant | iast | iast |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 10 metrics, 18 unstable metrics.

Request duration reports for petclinic
[Gantt chart: petclinic - request duration [CI 0.99]: candidate=1.40.0-SNAPSHOT~f063945952, baseline=1.40.0-SNAPSHOT~8ee4a5d6dd; sections: baseline, candidate]
  • baseline results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.349 ms [1.329 ms, 1.369 ms] | - |
| appsec | 1.705 ms [1.68 ms, 1.73 ms] | 356.043 µs (26.4%) |
| appsec_no_iast | 1.717 ms [1.693 ms, 1.741 ms] | 367.734 µs (27.3%) |
| iast | 1.488 ms [1.466 ms, 1.51 ms] | 138.673 µs (10.3%) |
| profiling | 1.511 ms [1.487 ms, 1.535 ms] | 161.314 µs (12.0%) |
| tracing | 1.46 ms [1.436 ms, 1.485 ms] | 111.034 µs (8.2%) |

  • candidate results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.342 ms [1.323 ms, 1.361 ms] | - |
| appsec | 1.718 ms [1.694 ms, 1.742 ms] | 376.161 µs (28.0%) |
| appsec_no_iast | 1.723 ms [1.7 ms, 1.746 ms] | 381.452 µs (28.4%) |
| iast | 1.49 ms [1.469 ms, 1.512 ms] | 148.389 µs (11.1%) |
| profiling | 1.503 ms [1.477 ms, 1.529 ms] | 161.286 µs (12.0%) |
| tracing | 1.457 ms [1.434 ms, 1.481 ms] | 115.301 µs (8.6%) |

Request duration reports for insecure-bank
[Gantt chart: insecure-bank - request duration [CI 0.99]: candidate=1.40.0-SNAPSHOT~f063945952, baseline=1.40.0-SNAPSHOT~8ee4a5d6dd; sections: baseline, candidate]
  • baseline results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 376.772 µs [356.974 µs, 396.569 µs] | - |
| iast | 476.856 µs [455.837 µs, 497.876 µs] | 100.085 µs (26.6%) |
| iast_FULL | 546.246 µs [525.223 µs, 567.27 µs] | 169.475 µs (45.0%) |
| iast_GLOBAL | 502.751 µs [481.034 µs, 524.467 µs] | 125.979 µs (33.4%) |
| iast_HARDCODED_SECRET_DISABLED | 482.002 µs [460.994 µs, 503.009 µs] | 105.23 µs (27.9%) |
| iast_INACTIVE | 443.785 µs [423.196 µs, 464.374 µs] | 67.013 µs (17.8%) |
| iast_TELEMETRY_OFF | 473.894 µs [451.563 µs, 496.224 µs] | 97.122 µs (25.8%) |
| tracing | 441.141 µs [420.666 µs, 461.615 µs] | 64.369 µs (17.1%) |

  • candidate results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 370.259 µs [350.436 µs, 390.081 µs] | - |
| iast | 478.96 µs [457.415 µs, 500.506 µs] | 108.701 µs (29.4%) |
| iast_FULL | 547.94 µs [526.824 µs, 569.056 µs] | 177.681 µs (48.0%) |
| iast_GLOBAL | 503.598 µs [482.396 µs, 524.8 µs] | 133.339 µs (36.0%) |
| iast_HARDCODED_SECRET_DISABLED | 483.988 µs [462.897 µs, 505.079 µs] | 113.73 µs (30.7%) |
| iast_INACTIVE | 445.768 µs [424.948 µs, 466.588 µs] | 75.51 µs (20.4%) |
| iast_TELEMETRY_OFF | 472.883 µs [450.224 µs, 495.541 µs] | 102.624 µs (27.7%) |
| tracing | 442.413 µs [421.573 µs, 463.252 µs] | 72.154 µs (19.5%) |

Dacapo

Parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| git_branch | master | malvarez/waf-user-blocking |
| git_commit_date | 1727340475 | 1727349485 |
| git_commit_sha | 8ee4a5d | f063945 |
| release_version | 1.40.0-SNAPSHOT~8ee4a5d6dd | 1.40.0-SNAPSHOT~f063945952 |

See matching parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| application | biojava | biojava |
| ci_job_date | 1727351613 | 1727351613 |
| ci_job_id | 652462663 | 652462663 |
| ci_pipeline_id | 45201355 | 45201355 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| variant | appsec | appsec |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for tomcat
[Gantt chart: tomcat - execution time [CI 0.99]: candidate=1.40.0-SNAPSHOT~f063945952, baseline=1.40.0-SNAPSHOT~8ee4a5d6dd; sections: baseline, candidate]
  • baseline results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.473 ms [1.462 ms, 1.485 ms] | - |
| appsec | 2.332 ms [2.291 ms, 2.373 ms] | 858.548 µs (58.3%) |
| iast | 2.071 ms [2.02 ms, 2.121 ms] | 597.671 µs (40.6%) |
| iast_GLOBAL | 2.112 ms [2.061 ms, 2.163 ms] | 638.789 µs (43.4%) |
| profiling | 1.934 ms [1.893 ms, 1.975 ms] | 460.589 µs (31.3%) |
| tracing | 1.908 ms [1.869 ms, 1.946 ms] | 434.678 µs (29.5%) |

  • candidate results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.462 ms [1.451 ms, 1.474 ms] | - |
| appsec | 2.33 ms [2.289 ms, 2.371 ms] | 867.697 µs (59.3%) |
| iast | 2.066 ms [2.015 ms, 2.117 ms] | 603.431 µs (41.3%) |
| iast_GLOBAL | 2.119 ms [2.067 ms, 2.17 ms] | 656.348 µs (44.9%) |
| profiling | 2.431 ms [2.242 ms, 2.62 ms] | 968.682 µs (66.2%) |
| tracing | 1.904 ms [1.865 ms, 1.942 ms] | 441.176 µs (30.2%) |

Execution time for biojava
[Gantt chart: biojava - execution time [CI 0.99]: candidate=1.40.0-SNAPSHOT~f063945952, baseline=1.40.0-SNAPSHOT~8ee4a5d6dd; sections: baseline, candidate]
  • baseline results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 15.308 s [15.308 s, 15.308 s] | - |
| appsec | 15.485 s [15.485 s, 15.485 s] | 177.0 ms (1.2%) |
| iast | 18.863 s [18.863 s, 18.863 s] | 3.555 s (23.2%) |
| iast_GLOBAL | 18.147 s [18.147 s, 18.147 s] | 2.839 s (18.5%) |
| profiling | 15.31 s [15.31 s, 15.31 s] | 2.0 ms (0.0%) |
| tracing | 15.13 s [15.13 s, 15.13 s] | -178.0 ms (-1.2%) |

  • candidate results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 15.127 s [15.127 s, 15.127 s] | - |
| appsec | 15.385 s [15.385 s, 15.385 s] | 258.0 ms (1.7%) |
| iast | 18.763 s [18.763 s, 18.763 s] | 3.636 s (24.0%) |
| iast_GLOBAL | 17.884 s [17.884 s, 17.884 s] | 2.757 s (18.2%) |
| profiling | 15.13 s [15.13 s, 15.13 s] | 3.0 ms (0.0%) |
| tracing | 15.165 s [15.165 s, 15.165 s] | 38.0 ms (0.3%) |

@manuel-alvarez-alvarez manuel-alvarez-alvarez marked this pull request as ready for review September 18, 2024 08:06
@manuel-alvarez-alvarez manuel-alvarez-alvarez force-pushed the malvarez/waf-user-blocking branch 2 times, most recently from d05d199 to 301a996 Compare September 18, 2024 14:10
Base automatically changed from malvarez/waf-session-fingerprint to master September 19, 2024 07:44
@Bean
UserDetailsManager userDetailsService() {
return new JdbcUserDetailsManager(dataSource)
return new InMemoryUserDetailsManager() {
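Review bot: In userDetailsService(), the anonymous subclass opened by `new InMemoryUserDetailsManager() {` carries no comment saying which methods it overrides or why the stock manager is not enough; a one-line comment above it would make the intent clear to the next reader. Since it sits beside `return new JdbcUserDetailsManager(dataSource)`, also check whether `dataSource` is still needed by this configuration and drop it if that return was its only use.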

Nice improvement! 👍

@amarziali amarziali left a comment

LGTM on a cursory read for IDM

@manuel-alvarez-alvarez manuel-alvarez-alvarez force-pushed the malvarez/waf-user-blocking branch 2 times, most recently from 0ecd8e1 to f063945 Compare September 26, 2024 11:19
@manuel-alvarez-alvarez manuel-alvarez-alvarez merged commit 59ce38a into master Sep 29, 2024
99 of 101 checks passed
@manuel-alvarez-alvarez manuel-alvarez-alvarez deleted the malvarez/waf-user-blocking branch September 29, 2024 16:31
@github-actions github-actions bot added this to the 1.40.0 milestone Sep 29, 2024
Labels
comp: asm waf Application Security Management (WAF) type: enhancement