I am currently building rest services that authenticate user against a kerberos domain controller. Since poking the KDC everytime a user tries to do an action in the system is time-consuming, I have a cache where I store an authentication token with its related principal.
So basically, my services offer two authentication schemes: Kerberos and by token. The problem I have is my cache object (scoped as singleton in my DI container) is lost when the app pool is recycled. Also, even if the app pool is not recycled, this behaviour prevent me from distributing my services over multiple servers.
How can I persist my cache object accross app pools?
By recycling the app pool, you are essentially terminating the application and starting it from scratch. Like any standard application, there is a few ways to persist data across instances of an application:
1) Add an authentication layer on top of the KDC. Create another service in a different app pool that can be called from your main service. You will still be subject to the same problems if the new app pool gets recycled, but the conditions to recycle should be specific to the authentication of users and the status of the server.
2) Persist the objects in a database of your own or the file system. If you serialize your object after authentication, you can persist an object in a local store that may be less expensive than accessing the KDC controller.