You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by Rogelio Delgado <ro...@gmail.com> on 2012/09/21 01:11:56 UTC
EhCache AutorizationRealm configuration.
Hi,
I've experienced hard time trying to set up the EhCache autorization
cache. My requirement is as follows:
At runtime I need to create new object ("Company" records). Each company
record has associated a permission, so when a new company is created,
the associated permission is assigned to the "root" user allowing it to
access to the new record. Right now, I'm able to configure the
Authentication and Authorization process in my application so I actually
can login and grant access based on the permissions a user may have, all
this using the provided EhCacheManager. The problem comes when, like I
said, at runtime I modify the permissions list associated to a user,
simply the cache is not cleaned. This is my set up.
*applicationContext.xml*
<bean id="shiroFilter"
class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
</bean>
<bean id="lifecycleBeanPostProcessor"
class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
<!-- Security Manager of the application -->
<bean id="securityManager"
class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="jpaScgasparRealm" />
<property name="cacheManager" ref="shiroCacheManager" />
</bean>
<bean id="shiroCacheManager"
class="org.apache.shiro.cache.ehcache.EhCacheManager"
destroy-method="destroy">
<property name="cacheManager"
ref="springEhCacheManager"></property>
</bean>
<bean id="springEhCacheManager"
class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
</bean>
I extend the AuthorizingRealm to be able to access to my JPA model
overriding the *doGetAuthenticationInfo* and *doGetAuthorizationInfo*
methods and also I implement a custom method to call the
*clearCachedAuthorizationInfo *as follows:
public void clearCache(PrincipalCollection principal) {
log.info("Cleaning cache data for " +
principal.getPrimaryPrincipal().toString());
clearCachedAuthorizationInfo(principal);
}
So, when I want to clean the cache, I just call this method with the
following code block:
@Autowired
private JpaScgasparRealm realm;
......
SimplePrincipalCollection collection = new SimplePrincipalCollection();
collection.add("root", "root");
realm.clearCache(collection);
When I call the previous code, nothing shows in the log console and when
I try to access to the new "Company record" just created, shiro denied
the access because the cache is not cleaned.
This is the output of debug info when the application context is loaded:
----------------------------------------------------------------------------------------------------------------------------------------------------------
2012-09-20 18:09:12,911 DEBUG | http-bio-8080-exec-28 |
org.apache.shiro.spring.LifecycleBeanPostProcessor | Initializing
bean [jpaScgasparRealm]...
2012-09-20 18:09:12,911 DEBUG | http-bio-8080-exec-28 |
org.apache.shiro.realm.AuthorizingRealm | No
authorizationCache instance set. Checking for a cacheManager...
2012-09-20 18:09:12,911 INFO | http-bio-8080-exec-28 |
org.apache.shiro.realm.AuthorizingRealm | No cache or
cacheManager properties have been set. Authorization cache cannot be
obtained.
2012-09-20 18:09:12,911 INFO | http-bio-8080-exec-28 |
o.s.web.context.support.XmlWebApplicationContext | Bean
'jpaScgasparRealm' of type [class
mx.ssf.sicom.usersManagement.securityRealm.JpaScgasparRealm] is not
eligible for getting processed by all BeanPostProcessors (for example:
not eligible for auto-proxying)
2012-09-20 18:09:12,940 INFO | http-bio-8080-exec-28 |
o.s.cache.ehcache.EhCacheManagerFactoryBean | Initializing
EHCache CacheManager
2012-09-20 18:09:12,955 WARN | http-bio-8080-exec-28 |
net.sf.ehcache.config.ConfigurationFactory | No
configuration found. Configuring ehcache from ehcache-failsafe.xml
found in the classpath:
file:/opt/apache-tomcat-7.0.27/work/Catalina/localhost/SCGasPAR/loader/ehcache-failsafe.xml
2012-09-20 18:09:13,046 INFO | http-bio-8080-exec-28 |
o.s.web.context.support.XmlWebApplicationContext | Bean
'springEhCacheManager' of type [class
org.springframework.cache.ehcache.EhCacheManagerFactoryBean] is not
eligible for getting processed by all BeanPostProcessors (for example:
not eligible for auto-proxying)
2012-09-20 18:09:13,047 INFO | http-bio-8080-exec-28 |
o.s.web.context.support.XmlWebApplicationContext | Bean
'springEhCacheManager' of type [class net.sf.ehcache.CacheManager] is
not eligible for getting processed by all BeanPostProcessors (for
example: not eligible for auto-proxying)
2012-09-20 18:09:13,053 DEBUG | http-bio-8080-exec-28 |
org.apache.shiro.spring.LifecycleBeanPostProcessor | Initializing
bean [shiroCacheManager]...
2012-09-20 18:09:13,053 INFO | http-bio-8080-exec-28 |
o.s.web.context.support.XmlWebApplicationContext | Bean
'shiroCacheManager' of type [class
org.apache.shiro.cache.ehcache.EhCacheManager] is not eligible for
getting processed by all BeanPostProcessors (for example: not eligible
for auto-proxying)
2012-09-20 18:09:13,055 DEBUG | http-bio-8080-exec-28 |
org.apache.shiro.realm.AuthorizingRealm | No
authorizationCache instance set. Checking for a cacheManager...
2012-09-20 18:09:13,056 DEBUG | http-bio-8080-exec-28 |
org.apache.shiro.realm.AuthorizingRealm | CacheManager
[org.apache.shiro.cache.ehcache.EhCacheManager@3728eed8] has been
configured. Building authorization cache named
[mx.ssf.sicom.usersManagement.securityRealm.JpaScgasparRealm.authorizationCache]
2012-09-20 18:09:13,056 INFO | http-bio-8080-exec-28 |
org.apache.shiro.cache.ehcache.EhCacheManager | Cache with
name
'mx.ssf.sicom.usersManagement.securityRealm.JpaScgasparRealm.authorizationCache'
does not yet exist. Creating now.
2012-09-20 18:09:13,081 INFO | http-bio-8080-exec-28 |
org.apache.shiro.cache.ehcache.EhCacheManager | Added EhCache
named
[mx.ssf.sicom.usersManagement.securityRealm.JpaScgasparRealm.authorizationCache]
2012-09-20 18:09:13,082 INFO | http-bio-8080-exec-28 |
o.s.web.context.support.XmlWebApplicationContext | Bean
'securityManager' of type [class
org.apache.shiro.web.mgt.DefaultWebSecurityManager] is not eligible for
getting processed by all BeanPostProcessors (for example: not eligible
for auto-proxying)
2012-09-20 18:09:13,115 INFO | http-bio-8080-exec-28 |
o.s.beans.factory.support.DefaultListableBeanFactory |
Pre-instantiating singletons in
org.springframework.beans.factory.support.DefaultListableBeanFactory@4066b105:
defining beans
[cpuDAOImpl,containerDAOImpl,roleDAOImpl,warehouseDAOImpl,paymentConditionDAOImpl,userDAOImpl,corporateDAOImpl,permissionsUserDAOImpl,priceDAOImpl,peripheralDAOImpl,customerDAOImpl,permissionDAOImpl,rolesPermissionsDAOImpl,routesDAOImpl,receptionUnitDAOImpl,discountDAOImpl,zoneDAOImpl,movementDAOImpl,distributionCenterDAOImpl,distributionPointDAOImpl,printingTypeDAOImpl,equipmentDAOImpl,regionDAOImpl,geographicLocationDAOImpl,productDAOImpl,companyDAOImpl,org.springframework.context.annotation.internalConfigurationAnnotationProcessor,org.springframework.context.annotation.internalAutowiredAnnotationProcessor,org.springframework.context.annotation.internalRequiredAnnotationProcessor,org.springframework.context.annotation.internalCommonAnnotationProcessor,org.springframework.context.annotation.internalPersistenceAnnotationProcessor,org.springframework.aop.config.internalAutoProxyCreator,org.springframework.transaction.annotation.AnnotationTransactionAttributeSource#0,org.springframework.transaction.interceptor.TransactionInterceptor#0,org.springframework.transaction.config.internalTransactionAdvisor,transactionManager,entityManagerFactory,jpaVendorAdapter,org.springframework.beans.factory.config.PropertyPlaceholderConfigurer#0,dataSource,liquibase,org.springframework.dao.annotation.PersistenceExceptionTranslationPostProcessor#0,org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor#0,shiroFilter,lifecycleBeanPostProcessor,securityManager,jpaScgasparRealm,credentialMatcher,org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator#0,org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor#0,shiroCacheManager,springEhCacheManager,connectionFactory,rabbitAdmin,messageListenerContainer,generalQueueListener,contextApplicationContextProvider,equipmentInfoService,messageSource,discountServiceImpl,priceSchedulerImpl,pricesTaskCollector,pricesServiceImpl,paymentConditionServiceImpl,PEMEXPriceGrabberImpl,pricesScheduler,messagingService,testChannel,mailSender,alarmMailChannel,alarmSender,org.springframework.context.annotation.ConfigurationClassPostProcessor$ImportAwareBeanPostProcessor#0];
root of factory hierarchy
-----------------------------------------------------------------------------------------------------------------------------------------------------
I'm trying to set up the use of a cache with shiro all the day and
really I don't find the way. Any ideas of what I'm doing wrong?
Thanks for your time.
Rogelio Delgado
Re: EhCache AutorizationRealm configuration.
Posted by Ankit <mr...@gmail.com>.
Hi OP,
I am also getting same problem. Have you resolved it? If yes, please let me
know the solution of this. I am already dig into this problem.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/EhCache-AutorizationRealm-configuration-tp7577807p7580139.html
Sent from the Shiro User mailing list archive at Nabble.com.