Hi Sanjeewa, On Sunday, November 22, 2015, Sanjeewa Malalgoda <sanje...@wso2.com> wrote:
> In 1.10 we have commemted out cache clear handler in revoke api but it was > there in token API. So by default we will not use transport headers coming > from revoke request but use in token api. But i dont see any other option > if we need to clear cache in gateway. > @amila have we done something to clear cache without cache clear handler? > Nope, the only additional cache related method we introduced was getActiveTokensByConsumerKey which is used to clear Gateway Cache, when a change happens on the subscription. During one of the discussions we had when this requirement was brought up, one option discussed was calling APIAuthenticationService.invalidateCachedTokens from KeyManager. If KeyManager has a listener which gets called while tokens get revoked, then this operation can be called from that listener. > if not we have 2 options > 1. clear cache during request path of token revoke apis. Then we can clear > cache without relying on what happen in key manager side. > Disadvantage of this is we have to build message body in request path. > But still we won't be able to clear the cache when refresh token is used, right? > 2.Have extension point in key manager to register call back for token > revoke events. Then we can implement code to call back to gateway. > > WDYT? > > Thanks > sanjeewa. > > sent from my phone > On Nov 23, 2015 12:38 AM, "Johann Nallathamby" <joh...@wso2.com> wrote: > >> APIM Team, >> >> Regarding [1], I know this was implemented as part of a requirement for >> API Manager. Does API Manager rely on this still ? Can we get rid of >> returning these tokens ? In the new versions of API Manager if you are >> supporting external key managers according to standards how are you going >> to interoperate if you relying on such custom headers ? >> >> [1] https://wso2.org/jira/browse/IDENTITY-4112 >> >> -- >> Thanks & Regards, >> >> *Johann Dilantha Nallathamby* >> Technical Lead & Product Lead of WSO2 Identity Server >> Governance Technologies Team >> WSO2, Inc. >> lean.enterprise.middleware >> >> Mobile - *+94777776950* >> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >> >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
