In our application, we have an API call which takes in a Thrift-based token, transforms it into the appropriate type of AuthenticationToken, pulls the principal out of it and creates a SimplePrincipalCollection with it, and uses that to build a Subject. I then do subject.login(token) with that subject to authenticate. However, we noticed in testing that the object creation from this process is killing performance. I changed it to keep a Map of Thrift token -> Subject, and then utilize isAuthenticated(), which seems to have alleviated the issue.
However, I'm a bit miffed at the original performance issues, since I had set up Authentication caching. Is there a better way to just authenticate given a token, or is my way the right way? Additionally, I feel that caching a token->Subject is redundant with the authentication caching, so I don't know if there are better practices in this case as well.

Thanks,
John
