[keycloak-dev] top level cache implemented

[Bill Burke]

I implemented a non-clustered simple cache for realms, apps, oauth 
clients, and roles.  Its backed by ConconcurrentHashMaps and is in 
memory.  It is on by default and the model tests use it.

If you want to disable it, go into keycloak-server.json and change the 
modelCache provider to "none".  I'll probably disable it for the release.

For a simple perf test of loading the login page and doing the access 
code flow to obtain a token, performance improved by 20-25%.  I'm 
guessing this improvement would be much higher with a non-embedded DBMS. 
  The only SQL which ran was loading users, load/update of UserSessions, 
and load of roles.  I could do more work to avoid loading roles.

Next steps?

* I need to work on stuff needed by Aerogear and other bugs and release 
beta 3.
* Should Hibernate 2nd level cache be investigated before more work is 
done here?
* Implement optional user caching to "simple" cache to see the 
performance benefits.
* Create a comprehensive integrity test that runs multiple threads that 
update/read concurrently to bang on cache implementation/ keycloak in 
general.
* make the cache clusterable.  Meaning secure invalidation messages.  I 
don't know if this means using Infinispan.  Might be more work to 
incorporate, configure, deploy, and bootstrap infinispan, than to 
provide simple HTTP invalidation messages.  Turning off the cache 
entirely if communication between nodes fails.



-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com