More robust security cache

Last modified by Michael Hamann on 2023/07/19

The security cache has been made robust against the disposal of structurally important entries by storing them also outside the cache as long as they're still needed by entries in the cache to avoid cascading disposal of large parts of the cache. If you've had problems with users seeing access denied sometimes, this might be the improvement you've been looking forward to. Also, if you've configured a very high size for the security cache to avoid these problems, it should be possible to reduce these limits now. The documentation provides some hints how to choose a reasonable security cache size. However, as with every change to code that is critical to performance and security, there is a risk for regressions even though we have extensive tests. In particular if you're maintaining a larger instance of XWiki, it is advised to monitor memory usage and performance after the upgrade to see if there are any irregularities. Also, please check that access restrictions are still working, in particular, if they involve nested groups. As always, please open a bug report or create a forum post if you're noticing anything unusual.

Created by Michael Hamann on 2023/07/19

Get Connected