Cache¶

Our reverse proxy is supposed to run continously for multiple days or even multiple months. Keeping track of all subject attributes would lead to huge memory consumption, even when the data will never be touched again. Therefore we use a cache system. In the cache every item gets inserted with their maximum life period and gets deleted once this period is over. We use hexadecimal representation of the SHA-256 hash of the access token as key and store the user information and the OpenID Connect Provider. The cache stores the data as CacheItem objects with a minimum heap structure, i.e. the smallest timestamp is on first position. The expire function removes every item from the cache once the timestamp is smaller than the current timestamp, i.e. the CacheItem’s lifetime period is over.

!include ../classes.plantuml remove arpoc.App remove arpoc.ac.Policy remove arpoc.ac.Policy_Set remove arpoc.ac.AC_Entity remove arpoc.ac.Rule remove arpoc.ac.AC_Container remove arpoc.ac.EvaluationResult remove arpoc.ac.conflict_resolution.AnyOfAny remove arpoc.ac.conflict_resolution.And remove arpoc.ac.conflict_resolution.ConflictResolution remove arpoc.ac.common.Effects remove arpoc.ac.parser.TransformAttr remove arpoc.ac.parser.TopLevelTransformer remove arpoc.ac.parser.OperatorTransformer remove arpoc.ac.parser.MiddleLevelTransformer remove arpoc.ac.parser.ExistsTransformer remove arpoc.ac.lark_adapter.MyTransformer remove arpoc.ac.lark_adapter.CombinedTransformer remove arpoc.base.ServiceProxy remove arpoc.base.OidcHandler remove arpoc.base.TLSOnlyDispatcher remove arpoc.config.ACConfig remove arpoc.config.Misc remove arpoc.config.OIDCProxyConfig remove arpoc.config.ProviderConfig remove arpoc.config.ProxyConfig remove arpoc.config.ServiceConfig remove arpoc.exceptions.ACEntityMissing remove arpoc.exceptions.AttributeMissing remove arpoc.exceptions.BadRuleSyntax remove arpoc.exceptions.BadSemantics remove arpoc.exceptions.ConfigError remove arpoc.exceptions.DuplicateKeyError remove arpoc.exceptions.EnvironmentAttributeMissing remove arpoc.exceptions.OIDCProxyException remove arpoc.exceptions.ObjectAttributeMissing remove arpoc.exceptions.SubjectAttributeMissing remove arpoc.pap.PAPNode remove arpoc.pap.PolicyAdministrationPoint remove arpoc.ac.parser.BinaryNumeralOperator remove arpoc.ac.parser.BinaryOperator remove arpoc.ac.parser.BinaryOperatorAnd remove arpoc.ac.parser.BinaryOperatorIn remove arpoc.ac.parser.BinaryOperatorOr remove arpoc.ac.parser.BinarySameTypeOperator remove arpoc.ac.parser.BinaryStringOperator remove arpoc.ac.parser.Equal remove arpoc.ac.parser.Greater remove arpoc.ac.parser.Lesser remove arpoc.ac.parser.NotEqual remove arpoc.ac.parser.UOP remove arpoc.ac.parser.matches remove arpoc.ac.parser.startswith remove arpoc.plugins.EnvironmentDict remove arpoc.plugins.ObjectDict remove arpoc.plugins.ObligationsDict remove arpoc.plugins.PrioritizedItem remove arpoc.plugins._lib.EnvironmentAttribute remove arpoc.plugins._lib.ObjectSetter remove arpoc.plugins._lib.Obligation remove arpoc.plugins.env_attr_time.EnvAttrDateTime remove arpoc.plugins.env_attr_time.EnvAttrTime remove arpoc.plugins.env_attr_time.EnvAttrTimeHour remove arpoc.plugins.env_attr_time.EnvAttrTimeMinute remove arpoc.plugins.env_attr_time.EnvAttrTimeSecond remove arpoc.plugins.obj_json.obj_json remove arpoc.plugins.obj_urlmap.ObjUrlmap remove arpoc.plugins.obl_loggers.Log remove arpoc.plugins.obl_loggers.LogFailed remove arpoc.plugins.obl_loggers.LogSuccessful remove arpoc.special_pages.Userinfo