Return-Path: Delivered-To: apmail-incubator-jsecurity-dev-archive@locus.apache.org Received: (qmail 57667 invoked from network); 7 Oct 2008 12:52:12 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 7 Oct 2008 12:52:12 -0000 Received: (qmail 81939 invoked by uid 500); 7 Oct 2008 12:52:11 -0000 Delivered-To: apmail-incubator-jsecurity-dev-archive@incubator.apache.org Received: (qmail 81918 invoked by uid 500); 7 Oct 2008 12:52:11 -0000 Mailing-List: contact jsecurity-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: jsecurity-dev@incubator.apache.org Delivered-To: mailing list jsecurity-dev@incubator.apache.org Received: (qmail 81907 invoked by uid 99); 7 Oct 2008 12:52:10 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 07 Oct 2008 05:52:10 -0700 X-ASF-Spam-Status: No, hits=1.5 required=10.0 tests=DNS_FROM_SECURITYSAGE,SPF_NEUTRAL,WHOIS_MYPRIVREG X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [209.85.217.33] (HELO mail-gx0-f33.google.com) (209.85.217.33) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 07 Oct 2008 12:51:06 +0000 Received: by gxk14 with SMTP id 14so1128538gxk.12 for ; Tue, 07 Oct 2008 05:51:40 -0700 (PDT) Received: by 10.214.9.8 with SMTP id 8mr8016081qai.6.1223383900322; Tue, 07 Oct 2008 05:51:40 -0700 (PDT) Received: by 10.214.9.4 with HTTP; Tue, 7 Oct 2008 05:51:40 -0700 (PDT) Message-ID: <8bd9fdba0810070551y36e6578di2165c2c16b04c521@mail.gmail.com> Date: Tue, 7 Oct 2008 13:51:40 +0100 From: "Peter Ledbrook" To: user@grails.codehaus.org Subject: Re: [grails-user] JSecurity Plugin, AbstractLdapRealm and Caching Cc: "JSecurity Developer List" In-Reply-To: <19843999.post@talk.nabble.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <19843999.post@talk.nabble.com> X-Virus-Checked: Checked by ClamAV on apache.org Hi, I'm forwarding this to the JSecurity mailing list since it relates the the core JSecurity classes. Cheers, Peter 2008/10/6 Skowronek : > > I have a Grails application using version 1.0.3. The JSecurity plugin > version 0.3-SNAPSHOT is installed. > > I created a realm called AdamRealm, which extends AbstractLdapRealm to take > advantage of the services in the hierarchy. Specifically caching. > AdamRealm is very similar to ActiveDirectoryRealm. > > After launching the app, the realm is created as well as the CacheManager as > shown in the log entries below. > > [com.jud.realm.AdamRealm] AdamRealm created > [org.jsecurity.mgt.CachingSecurityManager] Attempting to initialize default > CacheManager using EhCache... > [org.jsecurity.cache.ehcache.EhCacheManager] cacheManager property not set. > Constructing CacheManager instance... > [org.jsecurity.io.ResourceUtils] Opening resource from class path > [org/jsecurity/cache/ehcache/ehcache.xml]... > [org.jsecurity.cache.ehcache.EhCacheManager] instantiated Ehcache > CacheManager instance. > [org.jsecurity.cache.ehcache.EhCacheManager] implicit cacheManager created > successfully. > > > If a user tries to access a restricted resource for the first time, I see > that the queryForAuthenticationInfo(AuthenticationToken token, > LdapContextFactory ldapContextFactory) implementation is called as expected > and the user is authenticated. > > [com.jud.realm.AdamRealm] queryForAuthenticationInfo started > DEBUG [org.jsecurity.authc.AbstractAuthenticator] Authentication successful > for token [org.jsecurity.authc.UsernamePasswordToken - abc00, > rememberMe=false]. Returned account: > [org.jsecurity.subject.SimplePrincipalCollection@3fe59b3e] > > > Next, the the queryForAuthorizationInfo(PrincipalCollection principals, > LdapContextFactory ldapContextFactory) implementation is called as expected > since this is the first time a restricted resource is being accessed by the > user. > > DEBUG [com.jud.realm.AdamRealm] queryForAuthorizationInfo started > > My understanding is that for all subsequent requests made by the user, the > queryForAuthorizationInfo() shouldn't be called. Instead, > AuthorizingRealm.getAuthorizationInfo(PrincipalCollection principals) should > pull the AuthorizationInfo from the cache, but that doesn't happen. For > every subsequent request, I see the queryForAuthorizationInfo() being > called. > > Any assistance on how to get the realm to pull the AuthorizationInfo from > the cache would be appreciated. > > Thank you. > > -- > View this message in context: http://www.nabble.com/JSecurity-Plugin%2C-AbstractLdapRealm-and-Caching-tp19843999p19843999.html > Sent from the grails - user mailing list archive at Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe from this list, please visit: > > http://xircles.codehaus.org/manage_email > > > -- Software Engineer G2One, Inc. http://www.g2one.com/