[keycloak-dev] defaults for user session storage

Stian Thorgersen stian at redhat.com
Mon Jul 27 01:56:27 EDT 2015



----- Original Message -----
> From: "Bill Burke" <bburke at redhat.com>
> To: keycloak-dev at lists.jboss.org
> Sent: Saturday, 25 July, 2015 6:57:13 PM
> Subject: [keycloak-dev] defaults for user session storage
> 
> For our testsuite and for the distro, I'd like to make infinispan the
> default storage as this will probably be the most used solution.  This
> also means we need to make sure replication is set up to be
> secured/encrypted by default.

+1 We should delete the in-mem cache and only keep the Infinispan cache. We could even remove the no cache option and just always use Infinispan.

I don't think replication needs to be encrypted by default. We don't send anything sensitive as we're just using an invalidation cache. So no realm keys, etc are transmitted. In either case the database connection is in most cases not encrypted so these things are actually being sent on the local network.

> 
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> 


More information about the keycloak-dev mailing list