I was thinking a bit about performance in a cluster. Right now a client
session is created whenever login is initiated. This ends up requiring
the client session to be propagated to the cluster, either through a
database insert/update or an infinispan replication. Then, with each
authentication/required action step, another insert/update/replication.
I was thinking we should have an AuthenticationSession that was in
memory only. Then, once all authentication and required actions are
finished, then create the usersession and client session. This would
require sticky sessions though with a load balancer.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com