Ah! I see! My bad. I simply "assumed" get() would operate on a Map - or something like ...
Thanks for clarification, Colm On Mon, Nov 4, 2013 at 12:38 PM, Colm O hEigeartaigh <[email protected]>wrote: > It's up to the cache implementation to handle expiry. For example, look at > the "get" method in the default cache based on EhCache: > > > http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheXKMSClientCache.java?view=markup > > Colm. > > > On Mon, Nov 4, 2013 at 11:14 AM, Frizz <[email protected]> wrote: > > > Hi there, > > > > I have doubts regarding the cache handling in XKMS. > > > > It seems once a certificate for IssuerSerial is found in the cache, it > > never checks the XKMS Service (LDAP, etc.) ever again, because the cache > > never expires. > > > > > > class: XkmsCryptoProvider > > package: org.apache.cxf.xkms.crypto.impl > > > > private X509Certificate[] getX509CertificatesInternal(CryptoType > > cryptoType) { > > ... > > String key = getKeyForIssuerSerial(cryptoType.getIssuer(), > > cryptoType.getSerial()); > > > > // Try local cache next > > if (xkmsClientCache != null) { > > XKMSCacheToken cachedToken = xkmsClientCache.get(key); > > if (cachedToken != null && > cachedToken.getX509Certificate() > > != null) { > > *return* new X509Certificate[] > > {cachedToken.getX509Certificate()}; > > } > > } > > ... > > // Now ask the XKMS Service > > ... > > } > > > > cheers, > > F. > > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com >
