When the brick process is instructed to fetch the groups of the user executing a procedure ("server.manage-gids" volume option), the cache is only kept for a short period ("server.gid-timeout" volume option). It would be much nicer to have the cache associated with an AUTH_SHORT (see http://tools.ietf.org/html/rfc5531#page-25) reference.

GlusterFS clients will then be able to receive a AUTH_SHORT reference (per user/uid) after the first procedure, and subsequent procedures would then pass the AUTH_SHORT reference as RPC-credential. On the server-side, the AUTH_SHORT reference should be validated/looked-up and the frame->root->uid/gid/groups would be set as cached.

This makes is possible to set the gid-timeout much higher than the default 5 seconds. A refresh of the AUTH_SHORT reference (and therefore gid-cache) would happen automatically on a remount, or possibly also by a user-settable xattr.

You could call this a user-managed-credential-cache, or something.

See also:
https://lists.fedorahosted.org/pipermail/sssd-devel/2014-November/022293.html

That email mentions keeping the AUTH_SHORT credentials in sync on all the bricks, but I do not think that is needed. But, I also do not know yet what the best structure would be to keep this per user and per connection token.