Hi Niv, This definitely sounds like a cache configuration issue to me. Perhaps your cache is overflowing to disk and when you clear out an entry, it needs to unserialize the data from disk before it clears out? I'm not sure if this is what is happening, but disk IO *sounds* like it might be the culprit.
Also, if you're not using the 'ehCacheManager' bean anywhere else in your Spring config, you don't need to explicitly define it for Shiro's benefit. The org.apache.shiro.cache.ehcache.EhCacheManager will accept a config parameter for your ehcache.xml config and set-up/tear-down the Ehcache CacheManager instance automatically. HTH, -- Les Hazlewood Founder, Katasoft, Inc. Application Security Products & Professional Apache Shiro Support and Training: http://www.katasoft.com On Wed, May 4, 2011 at 8:22 PM, Niv-4 <[email protected]> wrote: > Hi Les > > Appreciate your time. I have configured the ecache like this in the > applicationContext..xml in our wicket application. > > <bean id="cacheManager" > class="org.apache.shiro.cache.ehcache.EhCacheManager"> > <property name="cacheManager" ref="ehCacheManager"/> > </bean> > > <bean id="ehCacheManager" class="net.sf.ehcache.CacheManager"/> > > public class ArkLdapRealm extends AuthorizingRealm{ > > ... > @Override > public void clearCachedAuthorizationInfo(PrincipalCollection principals) > { > super.clearCachedAuthorizationInfo(principals); > } > } > > Now when a user action is performed on the front end like selecting a > particular Tab which represents a usecase..this is what I do.. > //I get a reference to the realm instance via Spring bean injection > realm.clearCachedAuthorizationInfo(currentUser.getPrincipals()); > > Next Authorization check: delegates the call to the Realm instance and as > you mentioned in one of your posts executes the doGetAuthorizationInfo().. > > securityManager.isPermitted(currentUser.getPrincipals(), > PermissionConstants.CREATE) (etc) > > With this in place..I am able to load the set of permissions for the > selected usecase function so its very dynamic as its the feature of Shiro to > widen a user permission or restrict without him having to log out. All this > is nice. > > Probably the ecache implementation is incorrectly configured? Without > clearning the cache..it was lot better so I am leaning on the fact that this > behaviour is causing the issue. > > Any thoughts. Thanks again Les for the time. > > Regarding posts not being accepted, I posted this via an email and not via > the forum and has gotten accepted. So i guess will follow suit in future. > > Many Thanks > Niv > > > > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Invalidating-Authentication-Cache-slows-performance-tp6329816p6333063.html > Sent from the Shiro User mailing list archive at Nabble.com.
