From: "Stian Thorgersen" <stian(a)redhat.com>
To: "Bill Burke" <bburke(a)redhat.com>
Cc: keycloak-dev(a)lists.jboss.org
Sent: Monday, 27 July, 2015 7:56:27 AM
Subject: Re: [keycloak-dev] defaults for user session storage
----- Original Message -----
> From: "Bill Burke" <bburke(a)redhat.com>
> To: keycloak-dev(a)lists.jboss.org
> Sent: Saturday, 25 July, 2015 6:57:13 PM
> Subject: [keycloak-dev] defaults for user session storage
>
> For our testsuite and for the distro, I'd like to make infinispan the
> default storage as this will probably be the most used solution. This
> also means we need to make sure replication is set up to be
> secured/encrypted by default.
+1 We should delete the in-mem cache and only keep the Infinispan cache. We
could even remove the no cache option and just always use Infinispan.
I don't think replication needs to be encrypted by default. We don't send
anything sensitive as we're just using an invalidation cache. So no realm
keys, etc are transmitted. In either case the database connection is in most
cases not encrypted so these things are actually being sent on the local
network.
>
> --
> Bill Burke
> JBoss, a division of Red Hat
>
http://bill.burkecentral.com
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev