I've managed to boil it down to one query.
Whenever I call acl.hasPermission("permission_name") it queries the
whole TURBINE_PERMISSION table.
At this point, I'm ready to write a custom PermissionManager that stores
a hashmap of Permissions keyed by name. Is this necessary? Shouldn't
the security framework be smart enough to not query the whole table
every time I ask for a Permission by name?
Example code..
class MyScreen extends SecureScreen{
// private static Permission permission = null;
public void doBuildTemplate(RunData data, Context context)
{
// throw some stuff into the context
}
protected boolean isAuthorized(RunData data) throws Exception {
AccessControlList acl = data.getACL();
// if (null == permission){
// Criteria criteria = new
Criteria().add(PermissionPeer.NAME,"my_permission_name");
// permission = (Permission)
PermissionPeer.doSelect(criteria).get(0);
// }
// return null != acl && acl.hasPermission(permission) ||
super.isAuthorized(data);
// the security framework selects the whole permissions table on
every call to hasPermission("string")
// what's up with that?
return null != acl && acl.hasPermission("my_permission_name") ||
super.isAuthorized(data);
}
}
Clearly, I could use the commented out code to accomplish the same
thing, but that sucks. I don't want to have to write that code in all
of my screens.
Anyone??
-Gary
-----Original Message-----
From: Robles, Rogelio [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 30, 2003 2:55 PM
To: 'Turbine Users List'
Subject: RE: Security service and caching.
> obviously nothing from the USERS table, which makes sense to me.
I mean not all the content of the USERS table only the USER object and
its credentials.
> -----Original Message-----
> From: Robles, Rogelio [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, September 30, 2003 2:49 PM
> To: 'Turbine Users List'
> Subject: RE: Security service and caching.
>
>
> I remember that user's credentials like ROLES, PERMISSIONS,
> GROUPS and their
> relationships get cached after a user was authenticated,
> obviously nothing
> from the USERS table, which makes sense to me.
>
> Rogelio
>
> > -----Original Message-----
> > From: Gary Baker [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, September 30, 2003 11:43 AM
> > To: Turbine Users List
> > Subject: Security service and caching.
> >
> >
> > Anyone know how to configure the security service to cache
> > users, roles,
> > etc.
> >
> > I looked in
> > "org.apache.turbine.services.security.db.DBUserManager" and
> > it looks like it will hit the database everytime. Is there
> some other
> > security manager available? Maybe it's a configuration thing?
> >
> > -G
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail:
> [EMAIL PROTECTED]
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
