Hi Les,
My code ended up with a thread inside my custom realm. That thread
listens to broadcasts that tell it what principal should be cleared from
the cache. That way, I didn't need to expose the cache clearing method
and I kept all that functionality contained in an easy to find location.
As always, thank you for your thoughts.
--Stephen
On 9/13/2013 1:59 PM, Les Hazlewood wrote:
Hi Stephen,
Your solution is perfectly fine, and in fact, may be more ideal than
having a public method: in order to execute this logic, you need a
PrincipalCollection. Acquiring a PrincipalCollection is probably a
responsibility better suited to the Realm (or something that uses
Shiro) rather than something that should be accessible by any
application component.
My .02,
--
Les Hazlewood | @lhazlewood
CTO, Stormpath | http://stormpath.com <http://stormpath.com/> |
@goStormpath | 888.391.5282
On Wed, Sep 4, 2013 at 2:10 PM, Stephen McCants
<[email protected] <mailto:[email protected]>> wrote:
Hello All,
I'm still learning about Shiro and I'm working on permission
changes at runtime. From what I've read, I need to invalidate the
cached AuthorizationInfo so that a user will immediately get their
new permissions. So here is my question:
If my code that manages permission changes to call
clearCachedAuthorizationInfo(PrincipalCollection) on any realm
that may have it cached, why is this method protected? Shouldn't
it be public? As it is, I created a new public method in my
custom realm just to call the protected method.
Is that a mistake? (Generally circumventing protected/private is
bad.) What is the preferred way?
Thanks for your help.
Sincerely,
Stephen McCants
--
Stephen McCants
Senior Software Engineer
Healthcare Control Systems
1-877-877-8795 x116 <tel:1-877-877-8795%20x116>
--
Stephen McCants
Senior Software Engineer
Healthcare Control Systems
1-877-877-8795 x116
