Hi Edmond, I'll fix this ASAP in trunk for 1.3, but it can't be fixed for 1.2.2: Per our versioning guidelines (http://apr.apache.org/versioning.html):
Patch Versions: "To retain perfect source and binary compatibility, a patch release can only change function implementations. Changes to the API, to the signatures of public functions, or to the interpretation of function parameters is not allowed. Effectively, these releases are pure bug fix releases." In other words, if you use 1.2.4 for example, you should be able to downgrade to 1.2.1 with _no_ impact to your code. This wouldn't be possible in the scenario you describe. HTH, Les On Thu, Dec 27, 2012 at 6:14 AM, Emond Papegaaij <[email protected]> wrote: > > Hi all, > > > > AuthorizingRealm is a good starting point for most custom realms, however the > large number of private methods prevent real customization. Over a year ago, > someone already asked to change isPermitted to protected in SHIRO-332 and now > we are facing similar issues. > > > > In our application it is quite expensive to resolve the permissions for a > role, so I want to cache the permissions for an AuthorizationInfo, just as > the AuthorizationInfo itself is cached. For this to work, I have to change > the implementation of getPermissions to first check the cache and then > perform the default behavior. If getPermissions were protected, I could > simply override that method, check the cache and call super if nothing was > cached, but now I have to copy-paste all these methods (over 100 lines of > code) to change only a few lines: > > > > private Collection<Permission> getPermissions(AuthorizationInfo) > > to change the code > > private Collection<Permission> resolvePermissions(Collection<String>) > > private Collection<Permission> resolveRolePermissions(Collection<String>) > > because they are used by getPermissions and private > > private boolean isPermitted(Permission, AuthorizationInfo) > > because it uses getPermissions > > protected void checkPermission(Permission, AuthorizationInfo) > > protected boolean[] isPermitted(List<Permission>, AuthorizationInfo) > > public boolean isPermitted(PrincipalCollection, Permission) > > protected boolean isPermittedAll(Collection<Permission>, AuthorizationInfo) > > because they use isPermitted > > > > Can this issue please be fixed for 1.2.2? The changes are binary compatible > and small, but would help is a lot. > > > > Best regards, > > Emond Papegaaij
