Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-370 Improve RBAC Performance
  3. WFCORE-375

Addition of caching for security realms backed by ldap.

    XMLWordPrintable

Details

    • Sub-task
    • Resolution: Done
    • Major
    • None
    • None
    • Management, Security
    • None

    Description

      For JAAS this is achieved by caching keyed on the combination of the username and the password, once we switch to the CallbackHandler approach this is no longer applicable as there is often not a single username/credential combination - instead a protocol specific exchange is used to establish the identity of the remote user.

      Any cache would also potentially require: -

      • Predicable eviction.
      • Management Operations e.g. clear entire cache, remove single entries etc...
      • Separation of caches for authenticiation data and additional data loaded for authorization purposes.

      Attachments

        Activity

          People

            darran.lofthouse@redhat.com Darran Lofthouse
            darran.lofthouse@redhat.com Darran Lofthouse
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: