Jeff, > One of the things I'm thinking of doing is modifying the current > SqlObjectIdentityProvider to use SQL statements rather than SQLObject > directly. I would expect this to be *much* faster.
Please not. It reduces portability, reduces pressure to optimise SQL Object and later might cause issues with SQL Object caching. > load the user's secret token > load the user record and compute the user's groups and privileges Both these could be helped in the future by improved SQL Object caching > update the user's secret token expiration date This is not a time critical update. Why not put it in a queue and have a background thread saving the queue to the database? This way the main process is not delayed. Regards Dave
