[wildfly-dev] PicketLink pulling in JPA (Was: Changes to the PicketLink Module)
Fernando Ribeiro
fernando.ribeiro at upic.com.br
Mon Aug 5 23:36:27 EDT 2013
On Mon, Aug 5, 2013 at 11:32 PM, Scott Marlow <smarlow at redhat.com> wrote:
>
> What does a clustered PicketLink deployment look like? Does PL rely on
> the platform clustering services to notify nodes of changes to tokens in
> the database (e.g. update/delete/add)?
>
The token registry is little used today and mostly useful for auditing
purposes.
JPA would be used as a alternative to the in-memory (default) and
file-based registries which are not suitable for clustered deployments,
probably on top of a (simple) clustered database.
>
> From [3] that you mentioned at the start of this thread, it sounds like
> there is no clustering but instead some type of database polling to check
> if a token is revoked. When does the revoke check occur? Do you have any
> scalability issues here?
>
>
The revocation registry is also only useful for auditing purposes.
> Do revoked Ids get removed from the database?
>
AFAIK, no.
>
> Scott
>
> [3]
> https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_Application_Platform/6.1/html/API_Documentation/files/javadoc/org/picketlink/identity/federation/core/sts/registry/JPABasedRevocationRegistry.htm<https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_Application_Platform/6.1/html/API_Documentation/files/javadoc/org/picketlink/identity/federation/core/sts/registry/JPABasedRevocationRegistry.html>
>
--
Fernando Ribeiro
Upic
+55 11 9 8111 4078
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/wildfly-dev/attachments/20130806/0e30f245/attachment.html
More information about the wildfly-dev
mailing list