1. Ticket Details

FieldDescription
Ticket IDAMM-1670
SeverityBlocker
CategoryBug
Affected Module / FeatureHWC,  Admin

2. Issue Description

User data could not be retrieved during hwc benficary registration due to a combination of Redis cache miss and lazy-loading failure in Hibernate mapping, leading to system exception.
In the Admin API, serialization of the User entity failed or returned incorrect values when the fields isDeleted and isSupervisor were null.

3. Root Cause Analysis (RCA)


Technique Used: Log/Trace Review

  • HWC API

    • The Redis key (user_<userId>) had expired or was never set, resulting in a cache miss.

    • As a result, the system fell back to fetching the user from the database.

    • In the User entity, the PAN field caused a serialization issue due to missing or mismatched annotations.

    • The @OneToMany mapping (m_UserLangMappings) with FetchType.EAGER led to performance impact and potential lazy-loading exceptions when Redis stored serialized User objects.

    🔹 Admin API

    • Fields Defined as Wrapper Types (Boolean):
      The Deleted and isSupervisor fields were declared as Boolean (wrapper class) instead of boolean (primitive), allowing null values in the database.

    • Unsafe Boolean Getter Methods:
      Methods like:


      public boolean isDeleted() { return Deleted; // Risk of NullPointerException if Deleted is null }

      led to runtime errors or incorrect API responses when the fields were null.

    • Legacy Null Data in Database:
      Older entries in the M_User table had NULL values for Deleted or isSupervisor.

4. Corrective Actions (Fixes for this instance)

ActionOwnerTarget DateStatus
Corrected User entity serialization for PAN and m_UserLangMappings to avoid deserialization issues by redis
Modified isDeleted() and similar methods to use Boolean.TRUE.equals(...) to avoid NullPointerException.

Developer

 

Completed


5. Preventive Actions (To prevent recurrence)

ActionOwnerTarget DateStatus
Add async sequence validation in critical login flowsQA


6. Verification of Effectiveness

  • Retested login flow with expired Redis key to confirm fallback to DB works as expected
  • Validated PAN mapping and JSON serialization
  • Reviewed logs to confirm no further findByUserID pan errors after fix
  • Validated admin responses are accurate and unaffected by boolean field inconsistencies.


7. Lessons Learned

  • Redis cache expiry must be handled with a proper fallback to the database to maintain system reliability.

  • Entity fields like PAN should be correctly mapped and annotated to support JSON serialization and avoid runtime issues.

  • Use of EAGER fetching should be limited to cases where it's absolutely necessary to avoid performance or lazy loading problems.

  • Boolean fields like Deleted and isSupervisor should be declared as boolean (primitive) when null values are not acceptable. This avoids unnecessary null checks and runtime exceptions.

8. CAPA Review & Closure

Reviewed ByDateRemarks




  • No labels