[jboss-jira] [JBoss JIRA] (WFCORE-2662) Elytron caching-realm backed by ldap-realm should avoid hitting LDAP for a cache hit
Jan Kalina (JIRA)
issues at jboss.org
Tue Apr 11 10:03:01 EDT 2017
[ https://issues.jboss.org/browse/WFCORE-2662?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jan Kalina moved JBEAP-10292 to WFCORE-2662:
--------------------------------------------
Project: WildFly Core (was: JBoss Enterprise Application Platform)
Key: WFCORE-2662 (was: JBEAP-10292)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Security
(was: Security)
Affects Version/s: 3.0.0.Beta14
(was: 7.1.0.DR11)
(was: 7.1.0.DR14)
> Elytron caching-realm backed by ldap-realm should avoid hitting LDAP for a cache hit
> ------------------------------------------------------------------------------------
>
> Key: WFCORE-2662
> URL: https://issues.jboss.org/browse/WFCORE-2662
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Affects Versions: 3.0.0.Beta14
> Reporter: Jan Kalina
> Assignee: Jan Kalina
> Priority: Blocker
> Labels: caching, eap7.1-rfe-failure, eap71_beta_candidate, ldap, ldap-realm, security-realm
>
> Elytron {{caching-realm}} backed by {{ldap-realm}} provides caching for identity objects but not for related credentials and attributes. This is currently due to design of {{ldap-realm}} (like in case of {{filesystem-realm}}, see JBEAP-8628).
> Credentials and attributes should not be loaded from LDAP for a cache hit.
> Blocks EAP7-542 Elytron Caching Support. Note: caching of credentials is not a requirement, but may be reconsidered and become an enhancement to overall performance, see analysis document of the RFE. However, {{jdbc-realm}} is designed to enable caching of credentials. To be consistent, the {{ldap-realm}} should also enable caching of credentials.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list