On Tue, Nov 24, 2015 at 7:47 AM, Amila De Silva <[email protected]> wrote:
> Hi Sanjeewa, > > On Sunday, November 22, 2015, Sanjeewa Malalgoda <[email protected]> > wrote: > >> In 1.10 we have commemted out cache clear handler in revoke api but it >> was there in token API. So by default we will not use transport headers >> coming from revoke request but use in token api. But i dont see any other >> option if we need to clear cache in gateway. >> @amila have we done something to clear cache without cache clear handler? >> > Nope, the only additional cache related method we introduced was > getActiveTokensByConsumerKey which is used to clear Gateway Cache, when a > change happens on the subscription. > > During one of the discussions we had when this requirement was brought up, > one option discussed was calling > APIAuthenticationService.invalidateCachedTokens from KeyManager. If > KeyManager has a listener which gets called while tokens get revoked, then > this operation can be called from that listener. > >> if not we have 2 options >> 1. clear cache during request path of token revoke apis. Then we can >> clear cache without relying on what happen in key manager side. >> Disadvantage of this is we have to build message body in request path. >> > But still we won't be able to clear the cache when refresh token is used, > right? > Yes refresh token would be a problem and we need to db call to fetch token entries. And i think now we don't need to iterate through cache as 2 layer caching is implemented. > 2.Have extension point in key manager to register call back for token >> revoke events. Then we can implement code to call back to gateway. >> >> WDYT? >> >> Thanks >> sanjeewa. >> >> sent from my phone >> On Nov 23, 2015 12:38 AM, "Johann Nallathamby" <[email protected]> wrote: >> >>> APIM Team, >>> >>> Regarding [1], I know this was implemented as part of a requirement for >>> API Manager. Does API Manager rely on this still ? Can we get rid of >>> returning these tokens ? In the new versions of API Manager if you are >>> supporting external key managers according to standards how are you going >>> to interoperate if you relying on such custom headers ? >>> >>> [1] https://wso2.org/jira/browse/IDENTITY-4112 >>> >>> -- >>> Thanks & Regards, >>> >>> *Johann Dilantha Nallathamby* >>> Technical Lead & Product Lead of WSO2 Identity Server >>> Governance Technologies Team >>> WSO2, Inc. >>> lean.enterprise.middleware >>> >>> Mobile - *+94777776950* >>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>> >> -- *Sanjeewa Malalgoda* WSO2 Inc. Mobile : +94713068779 <http://sanjeewamalalgoda.blogspot.com/>blog :http://sanjeewamalalgoda.blogspot.com/ <http://sanjeewamalalgoda.blogspot.com/>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
