Guide for distributed authentication and logged out cookie caches. #849

jvanhill · 2022-10-14T18:36:21Z

We should have a guide for working with the distributed authentication and logged out cookie caches.

They may be similar to the HttpSession cache guide here: https://openliberty.io/guides/sessions.html

The guide should:

Configure two Liberty servers to connect to the same cache.
Start an Infinispan server in a docker container.
Start the two Liberty servers. This will create the two caches. Verify in the Infinispan console.
Login to server1 save the LTPA cookie.
Use the LTPA cookie to access a resource on server1.
Use the LTPA cookie to access a resource on server2. Verify the cache hits/misses to the authentication cache on the Infinisipan console.
Logout using the LTPA cookie on server1.
Use the logged out LTPA cookie to access a resource on server1. The response should be a redirect to the login page.
Use the logged out LTPA cookie to access a resource on server2. The response should be a redirect to the login page. This indicates that the JCache was used when checking the logged out cookies since we logged out on the other server. The logged out cookie cache hit/miss statistics can be checked in the Infinispan console to verify.

jvanhill mentioned this issue Oct 14, 2022

SEC 380 - Support for distributed Auth Cache in Liberty OpenLiberty/open-liberty#9005

Closed

31 tasks

gkwan-ibm added the new guide label Nov 4, 2022

Provide feedback