Wednesday, September 12, 2012

How to enable/disable cache for API Key validation information and JWT token in WSO2 API Manager

WSO2 API Manager is a complete solution for publishing APIs, creating and managing a developer community and for scalably routing API traffic. It leverages proven, production-ready, integration, security and governance components from the WSO2 Enterprise Service Bus, WSO2 Identity Server, and WSO2 Governance Registry. In addition, as it is also powered by the WSO2 Business Activity Monitor, the WSO2 API Manager is ready for massively scalable deployment immediately.

According to wiki cache is a mechanism for the temporary storage (caching). So we use cache in WSO2 products to achieve higher performance. Please refer my previous article on replicate caching of API manager. So if we did a distributed deployment based on requirement we can decide whether we keep key validation information cache in gateway side or keymgt side. If you deployed both nodes in same data centre and do not worry about network overhead added you can keep cache at keymgt side. Else you can keep cache in gateway side. This is the best way of doing this since it prevents additional web service call. Lests see how we can configure it from gateway side.
Add the following lines under tag in api-manager.xml found under /repository/conf.


So above configuration will disable API gateway side ley validation information cache. Then it will call to keymgt per each incoming request.

Also we can cache JWT token with api key validation information. We can do this in keymgt node. Lets see how we could do this. This is also important as JWT generation is bit costly operation.
Add the following lines under tag in api-manager.xml found under /repository/conf.


So above configuration disable JWT cache which means generate new JWT token per each call to keymgt server.

No comments:

Post a Comment