Hi all, with the update to Ehcache v3 some things broke: * It just doesn't work with Java 11 and OSGi (Studio) * The "group" cache configuration is wrong, it expires after 1200 seconds but it must not expire as the logic relies on it * Cache size configured in partition configuration is no longer applied
I did a first attempt to replace it with JCache and Caffeine but failed with other OSGi related issues. Finally I replaced ehcache with Caffeine only and it seems to work. I still have to test that it also works in Studio and verify the installers. Reviews and comments welcomed [1]. This includes some noteworthy changes: 1) Removal of the CacheService and config file: While Caffeine supports some kind of configuration (so called specs) that can be read from a config file I think it doesn't make sense to continue to use it. Most cache sizes are configurable via the server config, The TTLs and other cache characteristics can be configured at the places where the cache is needed. 2) Group cache: With ehcache v2 the group cache was configured to not evict an entries, but overflow to disk in case there are too many groups to avoid OOM. Caffeine does not support that (there are some workarounds though). For simplicity I changed the group cache to just use an ConcurrentHashMap. If we want to scale to 10000s of groups this has to be rewritten anyway. 3) Krb and ChangePwd replay cache: This is used to protect against replay attacks. With ehcache v2 those caches were also configured to overflow to disk to limit memory usage. I changed it to an unbounded cache with 5 minutes TTL, I don't see a danger of running OOM because only valid authentication attemps are stored in that cache. 4) DN cache: This is a single global cache used by DnFactory. The cache is now created in directly within DnFactory, the cache size it determined by the largest cache size configured in any of the partitions. 5) Partition specific caches (entryDn, piar, alias, and entry caches): Some of those were shared between partitions, but cache size was updated. Now each partition has its own dedicated set of caches with the individually configured cache size. Kind Regards, Stefan [1] https://github.com/apache/directory-server/pull/14