You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@usergrid.apache.org by "Todd Nine (JIRA)" <ji...@apache.org> on 2014/12/09 22:45:12 UTC
[jira] [Created] (USERGRID-270) [SPIKE] Re-investigate permission
caching
Todd Nine created USERGRID-270:
----------------------------------
Summary: [SPIKE] Re-investigate permission caching
Key: USERGRID-270
URL: https://issues.apache.org/jira/browse/USERGRID-270
Project: Usergrid
Issue Type: Improvement
Components: Stack
Reporter: Todd Nine
Attachments: Realm.zip
Forever ago, I changed a branch in 1.0 to being using permissions caching. I never finished it because our priorities changed. We should try to resume the work on this branch, and fix caching for permissions. See the line in the profiler results.
[Wall Time] org.apache.usergrid.security.shiro.Realm.doGetAuthorizationInfo(PrincipalCollection) Realm.java
As you can see, a cache would eliminate the graph traversal for permissions calculation. I propose the following simple implementation to start with.
# A bucketed cache per application. The number of buckets is always static and configured via properties
# Users are consistently hashed into these buckets based on their userId (which is immutable)
# When a group, role, or permission changes for an application, all shards in the cache are deleted.
# When permissions are calculated on the first initial call in the realm, they are inserted into the cache
Note that invalidating an entire app's cache is not efficient, but it is an easy first step towards a system which can later more intelligently invalidate caches.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)