Uploaded image for project: 'Identity Gateway'
  1. Identity Gateway
  2. OPENIG-2945

CacheUserProfileService should react to sessions notifications

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Won't Do
    • Affects Version/s: 6.5.0
    • Fix Version/s: Not Applicable
    • Component/s: OpenAM
    • Labels:
    • Sprint:
      2020.15 - IG / Microservices, 2020.16 - IG / Microservices
    • Story Points:
      0

      Description

      With the CacheUserProfileService in place, the only way for a user's profile to be evicted is that it reaches the maximum time to cache. But as Mark de Reeper suggested that may be a bit surprising for a webapplication user to logout from AM and then come back on an application and see that his profile was not updated ! 
      If the CacheUserProfileService listens the sessions notifications, there it could evict the user's profile from the cache and then on the next access the webapp user will its updated profile. 

      Note that this is quite a workaround, as there is no notification sent by AM about user's profile changes. In a scenario where the route does not involve the AM sessions (SingleSignOnFilter or SessionInfoFilter) like getting the user's profile of an OAuth2 access_token's subject, this won't help at all.

       

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              markdr Mark de Reeper
              Reporter:
              laurent.vaills Laurent Vaills
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: