Expected Behavior
There should be a subsection in https://docs.spring.io/spring-security/reference/ describing org.springframework.security.authentication.CachingUserDetailsService .
Current Behavior
In fact there is no such text passage to mention this class.
Context
This class does not give too much description in the javadoc, and some people use outdated information to judge the role of this class in the closed issues, for example https://github.com/spring-projects/spring-security/issues/2837 .
According to the discussion on Stack Overflow (refer to https://stackoverflow.com/questions/40766098/springcachebasedusercache-is-null ), it seems that many people have the need to cache authentication information, but the official website documentation is not mentioned this class. Should it be mentioned if possible?
Because the function of this class is relatively intuitive and simple, is it the opinion of the community that it is not recommended to use this class? If so, then I think it should be explained in the documentation.
Comment From: sjohnr
@linghengqian, thanks for the suggestion. I think many don't know of this class, and personally I have always used Spring's @Cacheable annotation for this case. However, the class has been modified as recently as 2018 and is not deprecated, so including a brief description in the documentation should be just fine. Would you like to submit a PR?
Comment From: linghengqian
Would you like to submit a PR?
I just realized @Cacheable exists. Because I am not familiar with this area, I do not expect me to submit this PR.
Comment From: sjohnr
@linghengqian, no problem, thanks for the update.
Comment From: ghost
Hello, may I take this task, please?
Comment From: sjohnr
Sure!
Comment From: linghengqian
@timofeli Any updates?
Comment From: FdHerrera
Hello,
I'd like to take this issue, if it's ok for you.
According to the discussion in this thread, the idea is to recommend using @Cacheable instead of a bean of this class? If so, makes sense to deprecate this class?
Comment From: sjohnr
@FdHerrera
I'd like to take this issue, if it's ok for you.
Thanks!
According to the discussion in this thread, the idea is to recommend using
@Cacheableinstead of a bean of this class? If so, makes sense to deprecate this class?
I don't think we need to deprecate this class. However, the documentation could show an example of how to use it (declare it as a @Bean wrapping another concrete UserDetailsService) in addition to demonstrating or recommending an alternative using @Cacheable. I think both options would be good for readers to know about.