I'm a newbie to OAuth - I have a high volume customer using OAuth: LoadBalancer with 12 servers but only using 1 server to store the OAuth tokens. Today, when testing I can only get 1000 concurrent user开发者_StackOverflow社区s on the site and I need to support an SLA of 10,000.
I'm looking at the following alternatives: 1) Look for a more robust OAuth library - must be Java based 2) Store the tokens in a database - will be slower but users will have access
Is there anything else I'm missing? Any recommendations from more experienced OAuth developers/architects?
Much Appreciated! Steve
Not missing anything. That's not the purpose of OAuth to solve this. Therefore, 2nd alternative sounds good to me. Anyway no COTS clustering solutions, no db storage here if you want to achieve some certain level of scalability easily and at low cost.
Instead start scaling horizontally your token repository using a distributed caching system on its own tier of servers.
If java, maybe investigate spymemcached or equivalent.
You can store your oauth access tokens in any distributed persistent cache (like mongo db with replica sets). With this setup your oauth access tokes will be available on all 12 boxes and you will be able to scale horizontally. Tokens created on any box will be automatically replicated and it should be super fast compared to a regular database. More info on mongodb and replica sets
精彩评论