<div dir="ltr">It can be cached. The contents is only the html for the iframe and doesn't check if user is logged in. The check if a user is logged in is done by javascript, which reads the value of the session state cookie.<div><br></div><div>The only issue with caching is if the client is deleted or the origin is removed the session iframe is still valid until it's expired from the cache, but I don't think that's a problem.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 26 November 2015 at 15:19, Bill Burke <span dir="ltr"><<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">You can't. This request is done to determine if the user is logged in<br>
or not, IIRC.<br>
<div class="HOEnZb"><div class="h5"><br>
On 11/26/2015 8:57 AM, Libor Krzyzanek wrote:<br>
> Hi,<br>
> I’m wondering if it would be possible to cache all unique “.../openid-connect/login-status-iframe.html" in browser and then also on CDN e.g. Akamai.<br>
> I mean whole URL with all parameters “clinet_id” and “origin”.<br>
><br>
> This would greatly improve performance of website using JS client because Akamai servers content much faster.<br>
><br>
> I checked our instance and http header has Cache-Control:max-age=2592000 which is 30 days<br>
><br>
> Does it mean that we can configure Akamai to cache it?<br>
> When the content of iframe.html could change and thus it’s needed to be invalidated on browser cache and on CDN cache?<br>
><br>
> Thanks,<br>
><br>
> Libor Krzyžanek<br>
> <a href="http://jboss.org" rel="noreferrer" target="_blank">jboss.org</a> Development Team<br>
><br>
><br>
> _______________________________________________<br>
> keycloak-dev mailing list<br>
> <a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
><br>
<br>
</div></div><span class="HOEnZb"><font color="#888888">--<br>
Bill Burke<br>
JBoss, a division of Red Hat<br>
<a href="http://bill.burkecentral.com" rel="noreferrer" target="_blank">http://bill.burkecentral.com</a><br>
</font></span><div class="HOEnZb"><div class="h5">_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></div></div></blockquote></div><br></div>