Re: [Dev] [DEV][APIM][C5] - Caching requirement for OAuth2 protected microservices

+Azeez, +Kishanthan On Tue, Mar 14, 2017 at 12:57 PM, Harsha Thirimanna wrote: > Hi Rajith, > > Yes as Shani said, do we have any final decision to do this as a platform > level solution ? > > *Harsha Thirimanna* > *Associate Tech Lead | WSO2* > > Email: hars...@wso2.com >

Re: [Dev] [DEV][APIM][C5] - Caching requirement for OAuth2 protected microservices

Hi Rajith, Yes as Shani said, do we have any final decision to do this as a platform level solution ? *Harsha Thirimanna* *Associate Tech Lead | WSO2* Email: hars...@wso2.com Mob: +94715186770 Blog: http://harshathirimanna.blogspot.com/ Twitter: http://twitter.com/harshathirimann Linked-In:

Re: [Dev] [DEV][APIM][C5] - Caching requirement for OAuth2 protected microservices

Hi all, Just want to know if there has been a final decision being made on the cache used? On Sat, Feb 25, 2017 at 12:47 AM, Rajith Roshan wrote: > Hi all, > Since distributed caches are no longer used in C5, we thought of using > this as a local cache. If the token is

Re: [Dev] [DEV][APIM][C5] - Caching requirement for OAuth2 protected microservices

Hi all, Since distributed caches are no longer used in C5, we thought of using this as a local cache. If the token is missing in the cache then it will be validated using the key manager. So having this as a local cache is enough for our scenario. But the only issue we have is if token is revoked

Re: [Dev] [DEV][APIM][C5] - Caching requirement for OAuth2 protected microservices

We also did some poc using Memcache and it is like a centralized caching system rather than distributing cache among the nodes. And it is released only very light weight engine and we have to implement our own way to manage it. Anyway, don't you guys have to replicate loca cache among the other

Re: [Dev] [DEV][APIM][C5] - Caching requirement for OAuth2 protected microservices

Its great if we can have some feedback about this, active C5 development needs this moving forward. @Azeez and @Kishanthan, do we have any preferences? On 24 February 2017 at 13:12, Sagara Gunathunga wrote: > > > > > > On Fri, Feb 24, 2017 at 7:28 AM, Uvindra Dias Jayasinha

Re: [Dev] [DEV][APIM][C5] - Caching requirement for OAuth2 protected microservices

On Fri, Feb 24, 2017 at 7:28 AM, Uvindra Dias Jayasinha wrote: > This will function like any of the local container classes we use(example: > HashMap). I think its fine to use one of the available implementations(such > as Guava since we already have it as a dependency) for

Re: [Dev] [DEV][APIM][C5] - Caching requirement for OAuth2 protected microservices

This will function like any of the local container classes we use(example: HashMap). I think its fine to use one of the available implementations(such as Guava since we already have it as a dependency) for this. Testing will reveal its suitability but I don't anticipate any issues since this is

Re: [Dev] [DEV][APIM][C5] - Caching requirement for OAuth2 protected microservices

Hi Rajith, I think this is a generic requirement for all the C5 based products rather than for this specific use case. So we need to come up with a solution that can be used across the platform. Thanks, On Thu, Feb 16, 2017 at 12:37 AM, Rajith Roshan wrote: > Hi all, > > In

[Dev] [DEV][APIM][C5] - Caching requirement for OAuth2 protected microservices

Hi all, In C5 API Manager back end REST APIs (micro services) are protected using oauth2 token. Every time request comes to micro services, interceptor will validate the access token sent in the authorization header of the request. In order to validate the token we need to do a introspection