On Mon, Aug 5, 2013 at 11:32 PM, Scott Marlow <smarlow(a)redhat.com> wrote:
> What does a clustered PicketLink deployment look like? Does PL rely on
> the platform clustering services to notify nodes of changes to tokens in
> the database (e.g. update/delete/add)?

The token registry is little used today and mostly useful for auditing
purposes.

JPA would be used as an alternative to the in-memory (default) and
file-based registries, which are not suitable for clustered deployments,
probably on top of a (simple) clustered database.

> From [3] that you mentioned at the start of this thread, it sounds like
> there is no clustering but instead some type of database polling to check
> if a token is revoked. When does the revoke check occur? Do you have any
> scalability issues here?

The revocation registry is also only useful for auditing purposes.

> Do revoked Ids get removed from the database?

AFAIK, no.

--
Fernando Ribeiro
Upic
+55 11 9 8111 4078