[keycloak-dev] session.userLocalStorage() needs to be fronted by cache
Marek Posolda
mposolda at redhat.com
Tue Nov 22 03:09:58 EST 2016
My stuff is already in. So the conflict shouldn't be there though.
The main thing is, that when you invalidate something, there needs to be
put new entry to "invalidationEvents" set, which are events to be sent
to other cluster nodes. The existing methods (eg.
registerUserInvalidation) are already doing it. This will work
regardless if cache is fronted with userStorage() or userLocalStorage() .
Marek
On 21/11/16 17:18, Bill Burke wrote:
> I think I made a mistake when User Storage Providers are importing into
> local cache. Currently KeycloakSession.userLocalStorage() does not have
> a cache in front of it. The LDAP and Kerberos providers call this to
> determine if the user has been imported or not. The thing is, the user
> may already be cached and I think there is a possibility of updating the
> user (on demand resync) and getting stale cache entries. Also, we don't
> want a database hit every time there is validation happening.
>
> So, I'm going to figure out a way to have the cache front the
> userLocalStorage() method too like we do for userStorage(). This will
> require some refactoring of UserCacheSession. Not sure if that will
> conflict with Marek's work.
>
> Bill
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
More information about the keycloak-dev
mailing list