OAuth: remove hard coded groups_by_applications and users cache from OAuthCookieFilter
#1585
Comments
bamthomas
changed the title
groups_by_applications and users cache from OAuthCookieFiltergroups_by_applications and users cache from OAuthCookieFilter
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
This is related to the PR #1583
For projects ACL's and api key we use a user cache in Redis. This cache is overridden at each login.
The project ACL is used for example by
DocumentRessourceto check if users have access to a project bygetProjects/getProjectNamesin User.java. It is finally using the fieldgroups_by_applicationsreturned by the Identity Provider.Describe the solution you'd like
writableUsers().saveOrUpdate(datashareUser);could be in a subclass of theOAuth2CookieFilter.processOAuthApiResponsegroups_by_applications.datasharebut it could be located elsewhere in the json returned by the Identity Provider. That could allow other deployments to use the IP configuration for project ACL without using another persistence location.Additional context
see
When cache has been introduced #504.
latest refactor #1395
The text was updated successfully, but these errors were encountered: