> would it make sense to do away
> entirely with this caching code, and leave management of credentials to
> the upstream authnz providers?
I remember this particular caching layer causing a one or two insidious
bugs in the past, all of which were nearly impossible to figure out. I
would be
I'm looking at the servlet filter code in
org.fcrepo.server.security.servletfilters, and I see that there is some
code to temporarily cache user credentials:
org.fcrepo.server.security.servletfilters.Cache
org.fcrepo.server.security.servletfilters.BaseCaching
org.fcrepo.server.sec
