Hi Jack, The only reason is that those methods were there to support that class's internal implementation. It is usually good to default to private visibility because once you open up that API, there's 'no going back', so to speak.
Please open a Jira issue and ideally provide a patch for the change, otherwise we'll lose track of this. On a side note, thanks so much for sharing the cache note with the user list - it shows a great example of how to make your application's performance very efficient when performing very fine-grained access control. Good stuff! Best, -- Les Hazlewood Founder, Katasoft, Inc. Application Security Products & Professional Apache Shiro Support and Training: http://www.katasoft.com On Wed, Jun 1, 2011 at 10:18 AM, juminoz <[email protected]> wrote: > I was wondering why certain methods in AuthorizingRealm abstract class are > private. These are the ones that I especially need in my custom realm. > > private boolean isPermitted(Permission permission, AuthorizationInfo info) > private Collection<Permission> getPermissions(AuthorizationInfo info) > > Here's what I'm trying to do: > I ran some initial performance test on authorization with cache-enabled > using Coherence. With a custom permission class, I'm able to get the > execution to complete with average of 0.07ms in replicated mode and 1.5ms in > distributed mode. This is mainly because object is not serialized in > replicated mode. Since it's not feasible for us to use replicated mode, the > proposed option is to use EntryProcessor to execute on the entry within the > cache and return a boolean whether user is permitted. > > With this approach, I'm basically overriding this method: > > public boolean isPermitted(PrincipalCollection principals, Permission > permission) > > so that I can add the call to invoke entry processor for authorization. To > make the logic very similar to an existing one, I need to also make a call > to those 2 private methods. At this point, I simply copied over the code, > but it would be much nicer for maintenance-sake if I can just call them. > > Would you consider changing the visibility for these methods? > > Thanks, > Jack > > --- > BTW, overriding > > protected Object getAuthorizationCacheKey(PrincipalCollection principals) > > to return a String representation of the principals object seems to help > with performance. With replicated cache, I'm able to shape off another > 0.01ms. > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Making-Some-Private-Methods-in-AuthorizingRealm-Protected-tp6427950p6427950.html > Sent from the Shiro User mailing list archive at Nabble.com.
