Hello, I found a way. Actually, it was documented: When the cache is deactivated, we have to define a value to JWTClaimCacheExpiry. I put 1 for one second. And that works.
Regards, Thomas 2018-08-22 17:45 GMT+02:00 Thomas LEGRAND <[email protected]>: > Hello there, > > I have a LDAP plugged as a secondary user store on the IS and users (from > this same LDAP) can access to the protected resources on my APIM. So, > everything's OK. > > But, because of *more* business need, I implemented a IN flow sequence for > my API on APIM. This sequence retrieves the JWT (if I am not mistaken, sent > by the IS) from where I retrieve the roles and do something special with > them. > > However, because of the immutable state of the JWT, I cannot see the > changes made on the user via the IS. So, is there a way to force the > refresh of the JWT to see those changes? > > I made some tests (even if they can impact the performances) and that was > not successful : > - I deactive the cache (on both IS and APIM thanks to > theCacheConfigurations part where I put everybody to false) > - revoking the OAuth2 token and regenerating it (I thought it was linked > in a way) > > And I don't find anything in the configuration files where I can > manipulate the behaviour concerning this JWT. > > Regards, > > Thomas >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
