No problem. It's a minor point really, but I think that what you're saying is that the DAO is essentially not deterministic. So, if userA from tenant 1 logs in, his info is cached under "userA". Then if userA from tenant 2 logs in, we register a cache hit and he gets permission info for userA from tenant 1. I may have just missed it, but I was wondering how you handled that situation. Or do you just not use the caching?
Thanks,
Jared

Les Hazlewood <[email protected]> wrote:

Can you explain this might be dangerous w/ regards to tenants? Maybe I'm being dense today - sorry :( - but I still don't follow.

Regards,

Les

On Fri, Jul 8, 2011 at 2:37 PM, Jared Bunting <[email protected]> wrote:
> Didn't mean much by information at the time. But, after looking at the
> code, I suppose my concern would be with getAuthorizationInfo() of the
> AuthorizingRealm - if caching is enabled, it seems to me that your
> technique might be dangerous.
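
The cache collision raised in this thread, as an added example that is not part of the original messages and is not Shiro code: a plain-JDK model of an authorization cache keyed first by username alone, then by tenant plus username. `TenantCacheDemo`, `TenantUser`, `AuthzCache` and the permission strings are hypothetical names and constructed data.

```java
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Function;

// Added illustration using only the JDK; every name here is hypothetical.
public class TenantCacheDemo {
    // Cache key that carries the tenant, so equal usernames in different tenants never collide.
    record TenantUser(String tenant, String username) {}

    // Constructed permission store standing in for the per-tenant DAO lookup.
    static final Map<TenantUser, Set<String>> STORE = Map.of(
        new TenantUser("tenant1", "userA"), Set.of("invoice:read", "invoice:approve"),
        new TenantUser("tenant2", "userA"), Set.of("invoice:read"));

    // Authorization cache whose key is chosen by keyFn.
    static final class AuthzCache<K> {
        private final Map<K, Set<String>> cache = new ConcurrentHashMap<>();
        private final Function<TenantUser, K> keyFn;

        AuthzCache(Function<TenantUser, K> keyFn) { this.keyFn = keyFn; }

        Set<String> permissions(TenantUser who) {
            // On a cache hit the store is never consulted, so the key must be unique per subject.
            return cache.computeIfAbsent(keyFn.apply(who), k -> STORE.get(who));
        }
    }

    public static void main(String[] args) {
        TenantUser t1 = new TenantUser("tenant1", "userA");
        TenantUser t2 = new TenantUser("tenant2", "userA");

        // Keyed by username only: tenant2's userA hits the entry cached for tenant1's userA.
        AuthzCache<String> byName = new AuthzCache<>(TenantUser::username);
        byName.permissions(t1);
        System.out.println("username key, tenant2 sees: " + byName.permissions(t2));

        // Keyed by (tenant, username): each subject gets its own cache entry.
        AuthzCache<TenantUser> byTenant = new AuthzCache<>(Function.identity());
        byTenant.permissions(t1);
        System.out.println("tenant key,   tenant2 sees: " + byTenant.permissions(t2));
    }
}
```

With the username-only key, the second lookup returns tenant 1's permission set, including `invoice:approve`; with the tenant-qualified key it returns only tenant 2's own set.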
