SG -
How would you imagine Sole tackling this situation differently/better than
the ways you described?
I haven't looked at the code recently but I suspect the best practice is as
you detailed or simply make requests until they get denied and then
instantiate a new client with a valid token and continue.
Erik
On Sun, Jan 23, 2022, 14:06 S G <[email protected]> wrote:
> Hello,
>
> Can anyone share if Solr JWT is something widely used in production or not?
>
> We were planning to use it, but have stumbled across a problem where the
> JWT token on the client side isn't refreshed automatically.
> So if that expires after 15 minutes, client side traffic would come to a
> stop unless the token is refreshed.
> The only way we can think right now is to maintain two clients whose token
> renewals are expiry-time/2 minutes apart.
> But this seems like a lot of complexity on the client side to implement.
>
> 1. Maintain two client objects.
> 2. Keep their token renewals epxiry-time/2 minutes apart.
> 3. Switch traffic between the client objects so that you always use the
> client which has a valid token.
> 4. Maintain 1 or 2 background threads that refresh the JWT token for
> each client object
>
> Even if we do this somehow on the application side, what about all the
> integrations like spark-solr <https://github.com/lucidworks/spark-solr>.
> How do integrations like that use the above token-refresh and switch
> traffic kind of thing?
>
> Best,
> SG
>
