Re: [keycloak-dev] openid-connect/login-status-iframe.html caching in browser and on CDN
It can be cached. The contents is only the html for the iframe and doesn't
check if user is logged in. The check if a user is logged in is done by
javascript, which reads the value of the session state cookie.
The only issue with caching is if the client is deleted or the origin is
removed the session iframe is still valid until it's expired from the
cache, but I don't think that's a problem.
On 26 November 2015 at 15:19, Bill Burke <bburke(a)redhat.com> wrote:
You can't. This request is done to determine if the user is
logged in
or not, IIRC.
On 11/26/2015 8:57 AM, Libor Krzyzanek wrote:
> Hi,
> I’m wondering if it would be possible to cache all unique
“.../openid-connect/login-status-iframe.html" in browser and then also on
CDN e.g. Akamai.
> I mean whole URL with all parameters “clinet_id” and “origin”.
>
> This would greatly improve performance of website using JS client
because Akamai servers content much faster.
>
> I checked our instance and http header has Cache-Control:max-age=2592000
which is 30 days
>
> Does it mean that we can configure Akamai to cache it?
> When the content of iframe.html could change and thus it’s needed to be
invalidated on browser cache and on CDN cache?
>
> Thanks,
>
> Libor Krzyžanek
> jboss.org Development Team
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
Attachments:
- attachment.html (text/html — 2.8 KB)