REST API does not take effect immediately due to 10 minute authentication cache

Description

From my experience with the GeoServer REST API, e.g. adding a user to a group , the change happens and is written to disk immediately, however there is a 10 minute authentication cache that prevents the change from being effective immediately.

If I am impatient, I typically reload the configuration or use the AuthKey synchronise button to clear the 10 min auth cache. I am aware of the reload API endpoint but that is a bit drastic.
The reset endpoint does not appear to clear the auth cache.

Environment

None

Activity

Peter Smythe 
July 11, 2024 at 2:58 PM

Withdrawing because that is the wrong approach!

Peter Smythe 
June 21, 2024 at 11:25 AM
(edited)

I have found that adding this bean to src/main/java/applicationSecurityContext.xml fixes the problem

<bean id="AuthenticationCacheImpl" class="org.geoserver.security.auth.AuthenticationCacheImpl" />

but I am unsure of the side effects of this.

Fixed

Details

Assignee

Reporter

Fix versions

Affects versions

Components

Priority

Created June 21, 2024 at 11:17 AM
Updated July 17, 2024 at 9:52 PM
Resolved July 17, 2024 at 9:52 PM