[keycloak-dev] session.userLocalStorage() needs to be fronted by cache
Bill Burke
bburke at redhat.com
Mon Nov 21 11:18:25 EST 2016
I think I made a mistake when User Storage Providers are importing into
local cache. Currently KeycloakSession.userLocalStorage() does not have
a cache in front of it. The LDAP and Kerberos providers call this to
determine if the user has been imported or not. The thing is, the user
may already be cached and I think there is a possibility of updating the
user (on demand resync) and getting stale cache entries. Also, we don't
want a database hit every time there is validation happening.
So, I'm going to figure out a way to have the cache front the
userLocalStorage() method too like we do for userStorage(). This will
require some refactoring of UserCacheSession. Not sure if that will
conflict with Marek's work.
Bill
More information about the keycloak-dev
mailing list