[
https://issues.redhat.com/browse/ISPN-12126?page=com.atlassian.jira.plugi...
]
Gustavo Fernandes updated ISPN-12126:
-------------------------------------
Description:
Currently, the basic auth token is cached on a per-connection basis in the RestHandler.
This works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and
uses one child-channel per each simultaneous request/response pair (stream).
-One suggestion is to use
{{[org.wildfly.security.auth.realm.CachingSecurityRealm|https://wildfly-security.github.io/wildfly-elytron/1.1.x/org/wildfly/security/auth/realm/CachingSecurityRealm.html]}}
around the supported security realms to cache credentials for a configurable amount of
time, or based on the number of credentials. This would also improve Hot Rod since the
security realms are global-
Regarding digest authentication, due to the existence of the nonce, clients must send
different headers every time, so caching the header in the server will not work.
was:
Currently, the auth token is cached on a per-connection basis in the RestHandler. This
works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses
one child-channel per each simultaneous request/response pair (stream).
-One suggestion is to use
{{[org.wildfly.security.auth.realm.CachingSecurityRealm|https://wildfly-security.github.io/wildfly-elytron/1.1.x/org/wildfly/security/auth/realm/CachingSecurityRealm.html]}}
around the supported security realms to cache credentials for a configurable amount of
time, or based on the number of credentials. This would also improve Hot Rod since the
security realms are global-
Performance drop when using auth in REST
----------------------------------------
Key: ISPN-12126
URL:
https://issues.redhat.com/browse/ISPN-12126
Project: Infinispan
Issue Type: Bug
Components: REST, Security
Affects Versions: 11.0.1.Final
Reporter: Gustavo Fernandes
Priority: Major
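
The behaviour in the description can be reproduced with a small model. This is an added example, not Infinispan or Elytron code: `SlowRealm`, `CachingRealm`, `Channel` and `count_verifications` are hypothetical names, and the credentials are constructed. It counts expensive realm verifications for HTTP/1 keep-alive, for HTTP/2 with one child channel per stream, and for HTTP/2 behind a realm-level cache with a time-to-live.

```python
import hashlib, hmac, os, time

class SlowRealm:
    """Stand-in for a security realm whose password check is deliberately costly."""
    def __init__(self, users):
        self.salt = os.urandom(16)
        self.users = {u: self._kdf(p) for u, p in users.items()}
        self.verifications = 0
    def _kdf(self, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 20_000)
    def verify(self, user, password):
        self.verifications += 1
        stored = self.users.get(user)
        return stored is not None and hmac.compare_digest(stored, self._kdf(password))

class CachingRealm:
    """Realm-level cache shared by every channel; entries expire after ttl seconds."""
    def __init__(self, realm, ttl=60.0, clock=time.monotonic):
        self.realm, self.ttl, self.clock = realm, ttl, clock
        self.key = os.urandom(32)   # per-process key: the cache never holds the password
        self.cache = {}             # user -> (HMAC of accepted password, expiry time)
    def verify(self, user, password):
        tag = hmac.new(self.key, password.encode(), "sha256").digest()
        hit = self.cache.get(user)
        if hit and hit[1] > self.clock() and hmac.compare_digest(hit[0], tag):
            return True
        ok = self.realm.verify(user, password)
        if ok:
            self.cache[user] = (tag, self.clock() + self.ttl)
        return ok

class Channel:
    """Per-connection cache of the last accepted Basic credentials."""
    def __init__(self, realm):
        self.realm, self.accepted = realm, None
    def request(self, user, password):
        if self.accepted == (user, password):
            return True
        ok = self.realm.verify(user, password)
        if ok:
            self.accepted = (user, password)
        return ok

def count_verifications(n_requests, http2, shared_cache=False):
    slow = SlowRealm({"admin": "secret"})   # constructed credentials
    realm = CachingRealm(slow) if shared_cache else slow
    channel = Channel(realm)                # HTTP/1 keep-alive reuses this channel
    for _ in range(n_requests):
        if http2:
            channel = Channel(realm)        # HTTP/2: new child channel per stream
        channel.request("admin", "secret")
    return slow.verifications
```

The time-to-live bounds how long a changed or revoked password keeps being accepted from the cache, which is the trade-off to size when configuring such a cache.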