Hi I think you are posting in the wrong user mailing list. This is for Apache Camel (an integration library).
On Fri, Mar 27, 2020 at 5:15 PM Modanese, Riccardo <[email protected]> wrote: > > Hi all, > > I have a question about the ModularRealmAuthorizer implementation (Shiro > version 1.3.2). > There are 2 methods to check multiple permissions: > public boolean[] isPermitted(PrincipalCollection principals, String... > permissions) > public boolean[] isPermitted(PrincipalCollection principals, > List<Permission> permissions) > > Both of these implementations does a loop to call the isPermitted method with > a single permission. > So the AuthorizingRealm method doGetAuthorizationInfo is called at each > iteration. (we aren’t using cache) > > Since the AuthorizingRealm has a specific implementation for the isPermitted > method with multiple permissions we tried to use it customizing the > ModularRealmAuthorizer. > In Kapua project we wrote a custom ModularRealmAuthorizer implementation (see > [1]) to reduce the doGetAuthorizationInfo calls count (with the "at least one > realm” as result aggregation strategy). > > In the ModularRealmAuthorizer did you implement the isPermitted method with > the for loop to use the realm aggregation strategy configuration for the > realms results? > If not, is it possible to change the implementation to make it more > performant (avoiding multiple doGetAuthorizationInfo)? > > Thank you > > Riccardo > > [1] > https://github.com/eclipse/kapua/blob/develop/broker-core/src/main/java/org/eclipse/kapua/broker/core/security/EnhModularRealmAuthorizer.java#L47 -- Claus Ibsen ----------------- http://davsclaus.com @davsclaus Camel in Action 2: https://www.manning.com/ibsen2
