Re: svn commit: r559865 - /roller/trunk/apps/weblogger/web/WEB-INF/security.xml

Thu, 26 Jul 2007 09:19:17 -0700

Hmmm, I don't know that there is no need for that cache. That cache is used to prevent us from having to hit the db constantly when checking authentication/authorization. Without it, every single request from users that are logged in requires extra queries against the db. 

-- Allen


[EMAIL PROTECTED] wrote:

Author: snoopdave
Date: Thu Jul 26 08:58:15 2007
New Revision: 559865

URL: http://svn.apache.org/viewvc?view=rev&rev=559865
Log:
Fix for ROL-1492 "Change users profile and admin permissions feature does not 
work"
The problem is caused by the Acegi user-cache. The user's role is changed in the Roller DB, but Acegi is still hanging on to the old user object. So access to the Server Admin page is denied. 
There might be a way to flush the Acegi user cache, but I don't think there is 
much need for this cache and I'd rather not introduce any more Acegi 
dependencies. So I removed the cache from secrity.xml and that fixes the 
problem.

Modified:
    roller/trunk/apps/weblogger/web/WEB-INF/security.xml

Modified: roller/trunk/apps/weblogger/web/WEB-INF/security.xml
URL: 
http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/web/WEB-INF/security.xml?view=diff&rev=559865&r1=559864&r2=559865
==============================================================================
--- roller/trunk/apps/weblogger/web/WEB-INF/security.xml (original)
+++ roller/trunk/apps/weblogger/web/WEB-INF/security.xml Thu Jul 26 08:58:15 
2007
@@ -125,12 +125,13 @@
<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> 
          <property name="userDetailsService" ref="jdbcAuthenticationDao"/>
-         <property name="userCache" ref="userCache"/>
+         <!-- <property name="userCache" ref="userCache"/> -->
     </bean>
<!-- Read users from Roller API --> 
     <bean id="jdbcAuthenticationDao" 
class="org.apache.roller.weblogger.ui.core.security.RollerUserDetailsService"/>
+ <!-- 
     <bean id="userCache" 
class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
         <property name="cache">
             <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
@@ -141,6 +142,7 @@
             </bean>
         </property>
     </bean>
+    -->
<bean id="anonymousAuthenticationProvider" class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider"> 
         <property name="key" value="anonymous"/>

Reply via email to