Is there any sample code to show how the JWT-renewal can be done without any traffic loss? Any testcase in Solr regression would also be very good to look at.
Also, if anyone has tried to use JWT in production and can share their learnings, that would be great to hear. On Sun, Jan 23, 2022 at 6:42 PM 李旭纶 <[email protected]> wrote: > JWT Token has expire time in mind. You can decode second part (split by > dot) and get a JSON object witch has "iat" field means expire timestamp. > > > Before each request, check this time and renew it when it close. > > > On 1/24/2022 03:06,S G<[email protected]> wrote: > Hello, > > Can anyone share if Solr JWT is something widely used in production or not? > > We were planning to use it, but have stumbled across a problem where the > JWT token on the client side isn't refreshed automatically. > So if that expires after 15 minutes, client side traffic would come to a > stop unless the token is refreshed. > The only way we can think right now is to maintain two clients whose token > renewals are expiry-time/2 minutes apart. > But this seems like a lot of complexity on the client side to implement. > > 1. Maintain two client objects. > 2. Keep their token renewals epxiry-time/2 minutes apart. > 3. Switch traffic between the client objects so that you always use the > client which has a valid token. > 4. Maintain 1 or 2 background threads that refresh the JWT token for > each client object > > Even if we do this somehow on the application side, what about all the > integrations like spark-solr <https://github.com/lucidworks/spark-solr>. > How do integrations like that use the above token-refresh and switch > traffic kind of thing? > > Best, > SG >
