Need a thread-safe/scalable credential cache for use in System.Net.Http #25447
Comments
stephentoub
changed the title
|
There are other inefficiencies that can be addressed by replacing our usage of CredentialCache, e.g. storing rather than recomputing the basic auth token for the cached credentials. |
|
Whatever we do here, we should also look at including a max size, so that it doesn't grow unbounded. |
|
Does not seem to be critical for 2.1 - we already have this in place in 2.0 and earlier. |
Agreed. Also, if we add digest support to this cache, then (a) we need to cache the token, not just the credentials, and (b) we need to cache the auth type (basic vs digest) so we know which one to use for pre-auth. |
|
I'm going to close this. If we see it causing real issues, we can address it then. |
ghost
locked as resolved and limited conversation to collaborators
HttpClientHandler implementations supporting preauthenticate currently use a CredentialCache to store credentials, but CredentialCache is not thread-safe, and since requests might be modifying the cache, all access to it needs to be locked. That means when preauthenticate is enabled, every request needs to take the same lock while accessing the cache to see if it contains credentials for use in that request.
The text was updated successfully, but these errors were encountered: