[keycloak-dev] caching

Bill Burke bburke at redhat.com
Thu Feb 20 15:54:01 EST 2014

What's been brewing around in my mind awhile is optimization of the 
token service.  There's no reason everything couldn't be cached in 
memory for each token service deployed.  Even millions of users could be 
cache.  Memory is cheap.

The cache should be local only and only the Token Service should use it. 
  Admin console, or any other update operations would cause invalidation 
of each cache on each machine by sending invalidation messages.  These 
invalidation messages would be REST invocation secured by Keycloak of 
course!  If we wanted to put in any guarantees, we could back these 
invalidation messages with HornetQ or something.
Bill Burke
JBoss, a division of Red Hat

More information about the keycloak-dev mailing list