[
https://issues.redhat.com/browse/ISPN-12126?page=com.atlassian.jira.plugi...
]
Gustavo Fernandes updated ISPN-12126:
-------------------------------------
Description:
Currently, the auth token is cached on a per-connection basis in the RestHandler. This
works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses
one child-channel per each simultaneous request/response pair (stream).
One suggestion is to use
{{[org.wildfly.security.auth.realm.CachingSecurityRealm|https://wildfly-security.github.io/wildfly-elytron/1.1.x/org/wildfly/security/auth/realm/CachingSecurityRealm.html]}}
around the supported security realms to cache credentials for a configurable amount of
time, or based on the number of credentials. This would also improve Hot Rod since the
security realms are global
was:
Currently, the auth token is cached on a per-connection basis in the RestHandler. This
works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses
one child-channel per each simultaneous request/response pair (stream).
One suggestion is to use {{org.wildfly.security.auth.realm.CachingSecurityRealm}} around
the supported security realms to cache credentials for a configurable amount of time, or
based on the number of credentials. This would also improve Hot Rod since the security
realms are global
Performance drop when using auth in REST
----------------------------------------
Key: ISPN-12126
URL:
https://issues.redhat.com/browse/ISPN-12126
Project: Infinispan
Issue Type: Bug
Components: REST, Security
Affects Versions: 11.0.1.Final
Reporter: Gustavo Fernandes
Assignee: Gustavo Fernandes
Priority: Major
Currently, the auth token is cached on a per-connection basis in the RestHandler. This
works fine for HTTP/1 with keep-alive, but not for HTTP/2, because it multiplexes and uses
one child-channel per each simultaneous request/response pair (stream).
One suggestion is to use
{{[org.wildfly.security.auth.realm.CachingSecurityRealm|https://wildfly-security.github.io/wildfly-elytron/1.1.x/org/wildfly/security/auth/realm/CachingSecurityRealm.html]}}
around the supported security realms to cache credentials for a configurable amount of
time, or based on the number of credentials. This would also improve Hot Rod since the
security realms are global
--
This message was sent by Atlassian Jira
(v7.13.8#713008)