Details
-
Task
-
Status: Open
-
Major
-
Resolution: Unresolved
-
1.5.0, 1.6.0
-
None
-
None
Description
This is a follow-up Jira of KNOX-2658: in the corresponding PR we agreed that's ok to remove in-memory lookup in the JDBC token state service implementation for expiration time and metadata (the 2 data that can be changed through a token's lifetime).
However, in case of performance issues, we may want to add a more sophisticated in-memory cache in DefaultTokenStateService using Caffeine (like we do in other places within Knox) with a configurable entry TTL and documentation on the side effects of that change (e.g. introducing eventual consistency in HA environments).