Currently requests from AuthorizationFilter are not cached by Varnish. Enabling caching should have a considerable improvement in performance, at the cost of some security risks. If we make the caching period short enough (like 10 minutes), the security impact should be minimal.
AuthenticationFilter (and its subclasses WebIDFilter and IDTokenFilter) already implements caching via #24
Currently requests from
AuthorizationFilter
are not cached by Varnish. Enabling caching should have a considerable improvement in performance, at the cost of some security risks. If we make the caching period short enough (like 10 minutes), the security impact should be minimal.AuthenticationFilter
(and its subclassesWebIDFilter
andIDTokenFilter
) already implements caching via #24