incubator-shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Les Hazlewood" <lhazlew...@apache.org>
Subject Re: [grails-user] JSecurity Plugin, AbstractLdapRealm and Caching
Date Tue, 07 Oct 2008 23:07:41 GMT
You are indeed correct that it should be caching the AuthorizationInfo
lookup for role/permission checks - at least that is what the code
'says'.

There are a few trace/debug/info log messages in AuthorizingRealm that
are printed when an authorization check occurs, particularly in the
initAuthorizationCache() and getAuthorizationInfo() methods .  Do you
have that output?

- Les

On Tue, Oct 7, 2008 at 8:51 AM, Peter Ledbrook <peter@g2one.com> wrote:
> Hi,
>
> I'm forwarding this to the JSecurity mailing list since it relates the
> the core JSecurity classes.
>
> Cheers,
>
> Peter
>
> 2008/10/6 Skowronek <tskowronek@wi.rr.com>:
>>
>> I have a Grails application using version 1.0.3.  The JSecurity plugin
>> version 0.3-SNAPSHOT is installed.
>>
>> I created a realm called AdamRealm, which extends AbstractLdapRealm to take
>> advantage of the services in the hierarchy.  Specifically caching.
>> AdamRealm is very similar to ActiveDirectoryRealm.
>>
>> After launching the app, the realm is created as well as the CacheManager as
>> shown in the log entries below.
>>
>> [com.jud.realm.AdamRealm] AdamRealm created
>> [org.jsecurity.mgt.CachingSecurityManager] Attempting to initialize default
>> CacheManager using EhCache...
>> [org.jsecurity.cache.ehcache.EhCacheManager] cacheManager property not set.
>> Constructing CacheManager instance...
>> [org.jsecurity.io.ResourceUtils] Opening resource from class path
>> [org/jsecurity/cache/ehcache/ehcache.xml]...
>> [org.jsecurity.cache.ehcache.EhCacheManager] instantiated Ehcache
>> CacheManager instance.
>> [org.jsecurity.cache.ehcache.EhCacheManager] implicit cacheManager created
>> successfully.
>>
>>
>> If a user tries to access a restricted resource for the first time, I see
>> that the queryForAuthenticationInfo(AuthenticationToken token,
>> LdapContextFactory ldapContextFactory) implementation is called as expected
>> and the user is authenticated.
>>
>> [com.jud.realm.AdamRealm] queryForAuthenticationInfo started
>> DEBUG [org.jsecurity.authc.AbstractAuthenticator] Authentication successful
>> for token [org.jsecurity.authc.UsernamePasswordToken - abc00,
>> rememberMe=false].  Returned account:
>> [org.jsecurity.subject.SimplePrincipalCollection@3fe59b3e]
>>
>>
>> Next, the the queryForAuthorizationInfo(PrincipalCollection principals,
>> LdapContextFactory ldapContextFactory) implementation is called as expected
>> since this is the first time a restricted resource is being accessed by the
>> user.
>>
>> DEBUG [com.jud.realm.AdamRealm] queryForAuthorizationInfo started
>>
>> My understanding is that for all subsequent requests made by the user, the
>> queryForAuthorizationInfo() shouldn't be called.  Instead,
>> AuthorizingRealm.getAuthorizationInfo(PrincipalCollection principals) should
>> pull the AuthorizationInfo from the cache, but that doesn't happen.  For
>> every subsequent request, I see the queryForAuthorizationInfo() being
>> called.
>>
>> Any assistance on how to get the realm to pull the AuthorizationInfo from
>> the cache would be appreciated.
>>
>> Thank you.
>>
>> --
>> View this message in context: http://www.nabble.com/JSecurity-Plugin%2C-AbstractLdapRealm-and-Caching-tp19843999p19843999.html
>> Sent from the grails - user mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe from this list, please visit:
>>
>>    http://xircles.codehaus.org/manage_email
>>
>>
>>
>
>
>
> --
> Software Engineer
> G2One, Inc.
> http://www.g2one.com/
>

Mime
View raw message