Venkat Sonnathi wrote:
Yes, it could be optimised using a range of strategies such as putting a flag into the ContextHolder (SecurityContextHolder in CVS and from 0.9.0). The trouble is then causing that flag to reset at the start of each request so that only the first AbstractSecurityInterceptor invocation causes delegation to the AuthenticationManager. Indeed if the request was actually authenticated during the request by an authentication mechanism (eg BASIC/Digest/form post) we should accept that AuthenticationManager invocation and not require any AbstractSecurityInterceptor to repeat it.Hi,
I am exploring AcegiSecurity by following the contacts sample application. I observed that in AbstractSecurityInterceptor.beforeInvocation method authenticationManager.authenticate is being called for every request. Why is it? Can it be optimized to check if authentication is already done and skip this step?
For every click the above method is called twice: once as part of FilterSecurityInterceptor and once as part of MethodSecurityInterceptor and if we optimize/check for authentication then the call to authenticationManager.authenticate can be avoided.
Thanks, --Venkat.
We could refresh the SecurityContextHolder flag this in the HttpSessionContextIntegrationFilter, but then we're reducing its focus on simply storing the SecurityContext between HTTP requests. Better yet, we could have startRequest() and finishRequest() methods in the SecurityContext to encapsulate this sort of logic and have the HttpSessionContextIntegrationFilter call them. Indeed that might prove beneficial for Captcha integration, which also needs to set a once-per-request style flag. What do others think?
I have not performed any benchmarks, but given that caching is performed in AuthenticationProvider implementations I would not suspect the double-up of AuthenticationManager invocations would represent an urgent performance constraint at this time.
Best regards Ben
------------------------------------------------------- This SF.Net email is sponsored by Oracle Space Sweepstakes Want to be the first software developer in space? Enter now for the Oracle Space Sweepstakes! http://ads.osdn.com/?ad_id=7412&alloc_id=16344&op=click _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
