Todd Nine created USERGRID-270:
----------------------------------
Summary: [SPIKE] Re-investigate permission caching
Key: USERGRID-270
URL: https://issues.apache.org/jira/browse/USERGRID-270
Project: Usergrid
Issue Type: Improvement
Components: Stack
Reporter: Todd Nine
Attachments: Realm.zip
Forever ago, I changed a branch in 1.0 to being using permissions caching. I
never finished it because our priorities changed. We should try to resume the
work on this branch, and fix caching for permissions. See the line in the
profiler results.
[Wall Time]
org.apache.usergrid.security.shiro.Realm.doGetAuthorizationInfo(PrincipalCollection)
Realm.java
As you can see, a cache would eliminate the graph traversal for permissions
calculation. I propose the following simple implementation to start with.
# A bucketed cache per application. The number of buckets is always static and
configured via properties
# Users are consistently hashed into these buckets based on their userId (which
is immutable)
# When a group, role, or permission changes for an application, all shards in
the cache are deleted.
# When permissions are calculated on the first initial call in the realm, they
are inserted into the cache
Note that invalidating an entire app's cache is not efficient, but it is an
easy first step towards a system which can later more intelligently invalidate
caches.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
