I was wondering why certain methods in AuthorizingRealm abstract class are private. These are the ones that I especially need in my custom realm.
private boolean isPermitted(Permission permission, AuthorizationInfo info) private Collection<Permission> getPermissions(AuthorizationInfo info) Here's what I'm trying to do: I ran some initial performance test on authorization with cache-enabled using Coherence. With a custom permission class, I'm able to get the execution to complete with average of 0.07ms in replicated mode and 1.5ms in distributed mode. This is mainly because object is not serialized in replicated mode. Since it's not feasible for us to use replicated mode, the proposed option is to use EntryProcessor to execute on the entry within the cache and return a boolean whether user is permitted. With this approach, I'm basically overriding this method: public boolean isPermitted(PrincipalCollection principals, Permission permission) so that I can add the call to invoke entry processor for authorization. To make the logic very similar to an existing one, I need to also make a call to those 2 private methods. At this point, I simply copied over the code, but it would be much nicer for maintenance-sake if I can just call them. Would you consider changing the visibility for these methods? Thanks, Jack --- BTW, overriding protected Object getAuthorizationCacheKey(PrincipalCollection principals) to return a String representation of the principals object seems to help with performance. With replicated cache, I'm able to shape off another 0.01ms. -- View this message in context: http://shiro-user.582556.n2.nabble.com/Making-Some-Private-Methods-in-AuthorizingRealm-Protected-tp6427950p6427950.html Sent from the Shiro User mailing list archive at Nabble.com.
