Hi, I’m wondering if it would be possible to cache all unique “.../openid-connect/login-status-iframe.html" in browser and then also on CDN e.g. Akamai. I mean whole URL with all parameters “clinet_id” and “origin”. This would greatly improve performance of website using JS client because Akamai servers content much faster. I checked our instance and http header has Cache-Control:max-age=2592000 which is 30 days Does it mean that we can configure Akamai to cache it? When the content of iframe.html could change and thus it’s needed to be invalidated on browser cache and on CDN cache? Thanks, Libor Krzyžanek jboss.org Development Team _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev

On Nov 26, 2015, at 3:26 PM, Stian Thorgersen <sthorger(a)redhat.com&gt; wrote: It can be cached. The contents is only the html for the iframe and doesn't check if user is logged in. The check if a user is logged in is done by javascript, which reads the value of the session state cookie. The only issue with caching is if the client is deleted or the origin is removed the session iframe is still valid until it's expired from the cache, but I don't think that's a problem. On 26 November 2015 at 15:19, Bill Burke <bburke(a)redhat.com <mailto:bburke@redhat.com>> wrote: You can't. This request is done to determine if the user is logged in or not, IIRC. On 11/26/2015 8:57 AM, Libor Krzyzanek wrote: > Hi, > I’m wondering if it would be possible to cache all unique “.../openid-connect/login-status-iframe.html" in browser and then also on CDN e.g. Akamai. > I mean whole URL with all parameters “clinet_id” and “origin”. > > This would greatly improve performance of website using JS client because Akamai servers content much faster. > > I checked our instance and http header has Cache-Control:max-age=2592000 which is 30 days > > Does it mean that we can configure Akamai to cache it? > When the content of iframe.html could change and thus it’s needed to be invalidated on browser cache and on CDN cache? > > Thanks, > > Libor Krzyžanek > jboss.org <http://jboss.org/> Development Team > > > _______________________________________________ > keycloak-dev mailing list > keycloak-dev(a)lists.jboss.org <mailto:keycloak-dev@lists.jboss.org> > https://lists.jboss.org/mailman/listinfo/keycloak-dev <https://lists.jboss.org/mailman/listinfo/keycloak-dev> > -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com <http://bill.burkecentral.com/> _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org <mailto:keycloak-dev@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/keycloak-dev <https://lists.jboss.org/mailman/listinfo/keycloak-dev> _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev

On 11/26/2015 9:26 AM, Stian Thorgersen wrote: > It can be cached. The contents is only the html for the iframe and > doesn't check if user is logged in. The check if a user is logged in is > done by javascript, which reads the value of the session state cookie. > > Yeah, you're right sorry...funny cuz I implemented this stuff too... -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com