与Spring安全oauth的JdbcTokenStore相比，JpaTokenStore是否有任何缺点 [英] Does JpaTokenStore have any downsides when compared to JdbcTokenStore for spring security oauth

问题描述

我目前在我的应用程序中通过Hibernate使用Jpa.由于春季安全性oauth2提供了JdbcTokenStore，因此我开始使用它.但问题在于，我无法使用缓存(应用程序中所有实体当前共享的缓存).

I currently use Jpa via Hibernate in my application. Since spring security oauth2 provides JdbcTokenStore, I started using it. But the problem with that is, I cannot use cache (which all my entities in the application currently share).

它以单独的流程访问数据库.

It hits the database in a separate flow.

我正在考虑实施由Jpa&所支持的 JpaTokenStore 利用其附带的缓存优势.

I am thinking implementing JpaTokenStore thats backed by Jpa & leverage the cache advantages that comes with it.

有人尝试使用此方法来实现这一点/是否有任何弊端?

Did anyone try implementing this/see any downsides using this approach?

推荐答案

没有什么可以阻止您执行此操作的，而且很多人的确使用JPA进行各种操作，但是IMO JPA对于处理身份存储不是理想的选择数据. JPA是为在JDBC连接(基本上是事务)期间缓存数据而设计和优化的，而身份数据通常具有不同的寿命，并且寿命更长.如果您使用JPA存储长期存在的数据，则必须处理在其正常生命周期之外访问数据时发生的后果，例如使用DTO，最终在某种程度上抵消了使用DTO的好处.

There is nothing stopping you from doing it, and plenty of people do use JPA for all sorts of things, but IMO JPA is not ideal for handling storage of identity data. JPA is designed and optimized for cacheing data for the duration of a JDBC connection (a transaction basically), while identity data have a typically different and much longer lifetime. If you store long lived data using JPA, you have to deal with the consequences of what happens when you access it outside its normal lifetime, e.g. use DTOs, which ends up negating the benefits of using it in the first place to some extent.

这篇关于与Spring安全oauth的JdbcTokenStore相比，JpaTokenStore是否有任何缺点的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！