Nowadays there are two ways how to cache in the APIML: ehcache, infinispan
EhCache is used to cache information about JWT tokens (especially to store revoked tokens, but also caching generated tokens). Infinispan is used for PAT, loadbalancing, etc.
Storing revoked JWT token has an issue with sharing between multiple instances of Gateway and on the second hand Infinispan is a distributed cache as default.
The aim of this issue is to replace one of the library with the second and it looks resonable to replace EhCache with Infinispan. It could be a part of Modulith initiative (because cache-service would be part of APIML service).
There is one question about using Infinispan and enabling / disabling cache-service. Once Modulith will be in the place I guess disabling caching-service means just skipping the onboarding, but the Infinispan itself could be used. It also means that Infinispan ports should be enabled even the cache service is disabled (to share data between instances). It is also reasonable to enable Cache service as default then.
The benefits:
- to get rid of the code around sharing revoked tokens (less maintability)
- less dependency (low probability of vulnerabilities, smaller package)
- less configuration (omit of EhCache)
- less usage of memory
Nowadays there are two ways how to cache in the APIML: ehcache, infinispan
EhCache is used to cache information about JWT tokens (especially to store revoked tokens, but also caching generated tokens). Infinispan is used for PAT, loadbalancing, etc.
Storing revoked JWT token has an issue with sharing between multiple instances of Gateway and on the second hand Infinispan is a distributed cache as default.
The aim of this issue is to replace one of the library with the second and it looks resonable to replace EhCache with Infinispan. It could be a part of Modulith initiative (because cache-service would be part of APIML service).
There is one question about using Infinispan and enabling / disabling cache-service. Once Modulith will be in the place I guess disabling caching-service means just skipping the onboarding, but the Infinispan itself could be used. It also means that Infinispan ports should be enabled even the cache service is disabled (to share data between instances). It is also reasonable to enable Cache service as default then.
The benefits: