Looks fine to me, I like that security tokens now include the authentication method.
I think a diagram of interactions between the HTTP cache and the invalidation cache would be useful, probably inside DefaultInvalidationHandler.java. On Mon, Mar 2, 2009 at 1:11 PM, <[email protected]> wrote: > Updated > > http://codereview.appspot.com/23041 >
