You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@turbine.apache.org by Scott Eade <se...@backstagetech.com.au> on 2006/08/21 08:25:22 UTC
TorqueSecurityService optimizations for 2.3.x
My webapp runs Turbine 2.3.2 and uses the TorqueSecurityService.
While looking into an unrelated performance issue I finally got around
to looking into why my SQL logs are always full of queries to the
turbine security service tables.
Pretty much all of these can be eliminated by extending
TorqueSecurityService thus:
package your.package.name.here.services.security.torque;
import org.apache.turbine.om.security.Role;
import org.apache.turbine.util.security.DataBackendException;
import org.apache.turbine.util.security.GroupSet;
import org.apache.turbine.util.security.PermissionSet;
import org.apache.turbine.util.security.RoleSet;
import org.apache.turbine.util.security.UnknownEntityException;
public class TorqueSecurityService extends
org.apache.turbine.services.security.torque.TorqueSecurityService
{
static GroupSet allGroups;
static PermissionSet allPermissions;
static RoleSet allRoles;
public GroupSet getAllGroups() throws DataBackendException
{
if (null == allGroups)
{
allGroups = super.getAllGroups();
}
return allGroups;
}
public PermissionSet getAllPermissions() throws DataBackendException
{
if (null == allPermissions)
{
allPermissions = super.getAllPermissions();
}
return allPermissions;
}
public RoleSet getAllRoles() throws DataBackendException
{
if (null == allRoles)
{
allRoles = super.getAllRoles();
}
return allRoles;
}
public Role getRoleByName(String name)
throws DataBackendException, UnknownEntityException
{
Role role = getAllRoles().getRoleByName(name);
if (role == null)
{
throw new UnknownEntityException(
"The specified role does not exist");
}
PermissionSet permissions = null;
try
{
permissions = role.getPermissions();
}
catch (Exception e)
{
// Not thrown for Torque, not sure about other implementations.
}
if (permissions == null)
{
role.setPermissions(getPermissions(role));
}
return role;
}
public Role getRoleById(int id)
throws DataBackendException,
UnknownEntityException
{
Role role = getAllRoles().getRoleById(id);
if (role == null)
{
throw new UnknownEntityException(
"The specified role does not exist");
}
PermissionSet permissions = null;
try
{
permissions = role.getPermissions();
}
catch (Exception e)
{
// Not thrown for Torque, not sure about other implementations.
}
if (permissions == null)
{
role.setPermissions(getPermissions(role));
}
return role;
}
}
Don't forget to update TurbineResources.properties to point to your new
SecurityService class.
Without the above change Turbine's ACLs would actually be mutable when
according to the JavaDoc they should not be.
Apart from a very brief examination of the JavaDoc I haven't looked how
this might apply to the trunk - IIRC the TorqueSecurityService is one of
the items we need to address for a 2.4 release. In the mean time, the
code above can save a bunch of database hits on existing Turbine 2.3.x
applications that use Torque.
Enjoy,
Scott
---------------------------------------------------------------------
To unsubscribe, e-mail: turbine-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: turbine-dev-help@jakarta.apache.org
Re: TorqueSecurityService optimizations for 2.3.x
Posted by Thomas Vandahl <th...@tewisoft.de>.
Scott Eade wrote:
> My webapp runs Turbine 2.3.2 and uses the TorqueSecurityService.
Mine, too.
> While looking into an unrelated performance issue I finally got around
> to looking into why my SQL logs are always full of queries to the
> turbine security service tables.
When I do permission checks, I normally use
---8<---
AccessControlList acl = data.getACL();
PermissionSet ps = (acl != null) ? acl.getPermissions() : null;
boolean isAuthorized = (ps != null) &&
ps.containsName(MyPermission.PERFORM_ACTION);
---8<---
This does not hit the database more than once per session.
> Apart from a very brief examination of the JavaDoc I haven't looked how
> this might apply to the trunk - IIRC the TorqueSecurityService is one of
> the items we need to address for a 2.4 release. In the mean time, the
> code above can save a bunch of database hits on existing Turbine 2.3.x
> applications that use Torque.
I'm currently implementing the Torque flavour of the Fulcrum security
service. I'm almost done, apart from the documentation stuff. The design
seems to be a little bit Hibernate-biased, so I'm facing a couple of
obstacles...
Bye, Thomas.
---------------------------------------------------------------------
To unsubscribe, e-mail: turbine-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: turbine-dev-help@jakarta.apache.org