cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <>
Subject Re: Ehcache is evicting Security Tokens that are already required
Date Fri, 21 Feb 2014 16:34:55 GMT
Hi Freddy,

Just for clarification, are you talking about the TokenStore on the client
or service side?


On Wed, Feb 19, 2014 at 8:03 PM, Freddy Exposito <> wrote:

> Hi All,
> We have a multi-thread application that uses several proxies (10 threads,
> each thread using one proxy object)  over one single endpoint. The
> EHCacheManagerHolder returns the CacheConfiguration based on the endpoint.
> As result of this, we have 10 threads/proxies making a lot of calls using
> the same TokenStore to keep  all the SecurityToken (for the
> SymmetricBindingHandler in our case).
> Once the store is full, EhCache starts evicting elements. As the default
> ehcache algorithm takes 30 elements randomly and delete the Last Recently
> Used (LRU) of these 30 elements, it's happening to us often that a wrong
> element is evicted and the symmetric handling process fail because a
> required security token can not be find.
> I have tried with longer sizes (5000, 10000) for the TokenStore  and
> although less frequently,  still happens. Besides, using big size for the
> TokenStore consumes lot of memory as we are storing also SAML Tokens that
> are not small.
> Do you have any workaround for this issue? Do you think it might be better
> to have the TokenStore instance per proxy object instead of per endpoint?
> We know we can reference our own TokenStore implementation using the
> ws-security property but we are trying to use what comes by default.
> Thanks,
> Freddy
> --
> View this message in context:
> Sent from the cxf-dev mailing list archive at

Colm O hEigeartaigh

Talend Community Coder

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message