@paterczm I think you may have written this, I have a small suggestion. I think you can replace the whole RolesCache class with a single instance of a Guava cache. The concept of a "fallback cache" is already implemented using refreshes: https://github.com/google/guava/wiki/CachesExplained#refresh
So instead of evicting entries after a fixed amount of time after a write, use refresh after that fixed amount of time and never evict otherwise. Refresh has the semantics you want: it will try to update with a more current value, even in the background (better!), as long as it can, otherwise it will keep the current value (that's your "fallback."). Then, using a cache loader, you can put your LDAP calls, and not have to manage putting/getting values manually.
@paterczm I think you may have written this, I have a small suggestion. I think you can replace the whole RolesCache class with a single instance of a Guava cache. The concept of a "fallback cache" is already implemented using refreshes: https://github.com/google/guava/wiki/CachesExplained#refresh
So instead of evicting entries after a fixed amount of time after a write, use refresh after that fixed amount of time and never evict otherwise. Refresh has the semantics you want: it will try to update with a more current value, even in the background (better!), as long as it can, otherwise it will keep the current value (that's your "fallback."). Then, using a cache loader, you can put your LDAP calls, and not have to manage putting/getting values manually.