-
Type:
Task
-
Status: Resolved
-
Priority:
Major
-
Resolution: Duplicate
-
Affects Version/s: 5.0.0
-
Fix Version/s: Not Applicable
-
Component/s: OAuth 2.0
-
Labels:
Since we now rely on the time-to-live value given by the AccessToken to cache it, the configuration "cacheExpiration" in the configuration of the OAuth2ResourceServerFilter is quite useless : it only serves to disable the cache by setting the value to zero. While it's quite useful, the real meaning of cacheExpiration is useless.
We should think about reworking that configuration and have a more targeted configuration for the cache (specifying the max expiration time, the tuning of the executor service, ...). This could be achieved through a specialized Decorator.
- duplicates
-
OPENIG-2004 OAuth2ResourceServerFilter cache configuration can lead to unexpected results if tokens expire early
-
- Resolved
-