pzampino opened a new pull request #350: URL: https://github.com/apache/knox/pull/350
## What changes were proposed in this pull request? I've created a TokenStateService implementation that avoids the unnecessary overhead associated with the AliasBasedTokenStateService (size of keystore and associated performance of access). Since KNOX-2377 added the TokenStateJournal for addressing the potential loss of token state due to changes necessary to improve the performance of the AliasBasedTokenStateService, this new implementation leverages that journaling facility alone to manage token state. It is effectively, the AliasBasedTokenStateService without the keystore interactions. I've not yet made this implementation the default, but I have tested it locally, and I foresee this becoming the default for the near future since the use of the keystore presents an unnecessary burden now that secrets are no longer persisted with token state. ## How was this patch tested? - _mvn -T1.5C -Ppackage,release clean install_ - Added unit tests (JournalBasedTokenStateServiceTest), and augmented existing tests. - Changed (only locally) DefaultGatewayServices to use the new implementation, and tested manually, including concurrent load testing. Even with multiple concurrent clients making frequent token requests, the size of the persisted content grows at a small fraction of the rate that the keystore does under similar load. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
