If you have a git changelog with lots of commits by different users and a non-local authentication scheme (basically anything other than the local database) then viewing that page now takes a lot longer as all the users in the commits need to be looked up in the security realm to see if they are valid authentication "users" or if it is just a "full name" that can be resolved from disk.

There needs to be a way for plugins to say get me a user not for authentication purposes that can if the user has been saved on disk will return that in preference to not hitting the security realm to see if the user does indeed exist.

setting hudson.model.User.SECURITY_243_FULL_DEFENSE=false helps but there should really be a separate API.

WIthout this extra API all security realms need to implement multiple caches (a not found cache as well as a regular cache)