You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@shiro.apache.org by John Vines <vi...@apache.org> on 2013/01/12 01:36:02 UTC

AuthenticationCache via ini?

Is it possible to set an AuthenticationCache via ini? The MapCache seems
decent, but I can't seem to figure out how to declare it via ini.

Re: AuthenticationCache via ini?

Posted by Les Hazlewood <lh...@apache.org>.

On Fri, Jan 11, 2013 at 4:36 PM, John Vines <vi...@apache.org> wrote:
> Is it possible to set an AuthenticationCache via ini? The MapCache seems
> decent, but I can't seem to figure out how to declare it via ini.

Hi John,

MapCache can't currently be instantiated in INI because it does not
(currently) have a default no-arg constructor.  It is expected to be
used as an implementation in conjunction with an AbstractCacheManager
implementation that maintains caches by name.

As an alternative approach, most folks usually just configure a
CacheManager for all of Shiro's needs, e.g.:

cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
...
securityManager.cacheManager = $cacheManager

# and then turn on authenticationCaching for the realm in question:
myRealmThatExtendsAuthenticatingRealm.authenticationCachingEnabled = true

When a CacheManager is available, AuthenticatingRealm implementations
will automatically acquire a Cache by name from the CacheManager.  The
lookup name is auto-generated by default, but you can configure a
specific cache name
authenticatingRealm.authenticationCacheName=someName

And while the MemoryConstrainedCacheManager is a good start, if you
wish, you can then replace it with a more
'enterprisey'/cluster-friendly CacheManager (e.g.
https://github.com/stormpath/shiro-hazelcast-web-sample) if necessary
or when time permits.

That being said, if you did have a default no-arg constructor on a
Cache implementation, you _could_ inject it directly, e.g.:

authenticatingRealm.authenticationCache = $aCacheInstance

and the CacheManager won't be consulted to provide one.

But I think most people prefer setting the CacheManager for the many
uses it has in Shiro and then letting one be acquired by name.

And finally, it should be reiterated for the benefit of others that
might read this thread, but please be quite sure that Authentication
Caching is safe in your environment before turning it on for a Realm.
The AuthenticatingRealm JavaDoc covers the scenarios when it is
considered safe to do so.

HTH!

Best,

--
Les Hazlewood | @lhazlewood
CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
Stormpath wins GigaOM Structure Launchpad Award! http://bit.ly/MvZkMk