Re: [jboss-as7-dev] A simple timed cache?
>
> Depending on your needs it might not suite you: LIRS provides a
> bounded container, so it might drop some values even if the timeout
> was not reached.
Thanks Sanne, that is probably not going to meet what I need - one thing I
am looking at is better tracking of failed authentication attempts so I
wouldn't want someone to be able to force an item out by causing additional
entries to be added.
I really don't know about your plans, but having a limit in the amount
of entries the cache will be able to hold is generally a good idea.
A malicious user could otherwise find a pattern to fill the memory of
the AS by sending the appropriate (failing) authentication attempts,
maybe from multiple users.
Sanne