Hi Freddy, Just for clarification, are you talking about the TokenStore on the client or service side?
Colm. On Wed, Feb 19, 2014 at 8:03 PM, Freddy Exposito <[email protected]> wrote: > Hi All, > > We have a multi-thread application that uses several proxies (10 threads, > each thread using one proxy object) over one single endpoint. The > EHCacheManagerHolder returns the CacheConfiguration based on the endpoint. > As result of this, we have 10 threads/proxies making a lot of calls using > the same TokenStore to keep all the SecurityToken (for the > SymmetricBindingHandler in our case). > > Once the store is full, EhCache starts evicting elements. As the default > LRU > ehcache algorithm takes 30 elements randomly and delete the Last Recently > Used (LRU) of these 30 elements, it's happening to us often that a wrong > element is evicted and the symmetric handling process fail because a > required security token can not be find. > > I have tried with longer sizes (5000, 10000) for the TokenStore and > although less frequently, still happens. Besides, using big size for the > TokenStore consumes lot of memory as we are storing also SAML Tokens that > are not small. > > Do you have any workaround for this issue? Do you think it might be better > to have the TokenStore instance per proxy object instead of per endpoint? > > We know we can reference our own TokenStore implementation using the > ws-security property but we are trying to use what comes by default. > > Thanks, > Freddy > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/Ehcache-is-evicting-Security-Tokens-that-are-already-required-tp5740191.html > Sent from the cxf-dev mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
