/** * This implementation attempts to acquire an authentication cache if one is not already configured. * * @since 1.2 */ protected void afterCacheManagerSet() { //trigger obtaining the authorization cache if possible getAvailableAuthenticationCache(); }
/** * Initializes this realm and potentially enables an authentication cache, depending on configuration. Based on * the availability of an authentication cache, this class functions as follows: * <ol> * <li>If the {@link #setAuthenticationCache cache} property has been set, it will be * used to cache the AuthenticationInfo objects returned from {@link #getAuthenticationInfo} * method invocations. * All future calls to {@link #getAuthenticationInfo} will attempt to use this cache first * to alleviate any potentially unnecessary calls to an underlying data store.</li> * <li>If the {@link #setAuthenticationCache cache} property has <b>not</b> been set, * the {@link #setCacheManager cacheManager} property will be checked. * If a {@code cacheManager} has been set, it will be used to eagerly acquire an authentication * {@code cache}, and this cache which will be used as specified in #1.</li> * <li>If neither the {@link #setAuthenticationCache (org.apache.shiro.cache.Cache) authenticationCache} * or {@link #setCacheManager(org.apache.shiro.cache.CacheManager) cacheManager} * properties are set, caching will not be utilized and authentication look-ups will be delegated to * subclass implementations for each authentication attempt.</li> * </ol> * <p/> * This method finishes by calling {@link #onInit()} is to allow subclasses to perform any init behavior desired. * * @since 1.2 */ public final void init() { //trigger obtaining the authorization cache if possible getAvailableAuthenticationCache(); onInit(); }
/** * Returns any cached AuthenticationInfo corresponding to the specified token or {@code null} if there currently * isn't any cached data. * * @param token the token submitted during the authentication attempt. * @return any cached AuthenticationInfo corresponding to the specified token or {@code null} if there currently * isn't any cached data. * @since 1.2 */ private AuthenticationInfo getCachedAuthenticationInfo(AuthenticationToken token) { AuthenticationInfo info = null; Cache<Object, AuthenticationInfo> cache = getAvailableAuthenticationCache(); if (cache != null && token != null) { log.trace("Attempting to retrieve the AuthenticationInfo from cache."); Object key = getAuthenticationCacheKey(token); info = cache.get(key); if (info == null) { log.trace("No AuthorizationInfo found in cache for key [{}]", key); } else { log.trace("Found cached AuthorizationInfo for key [{}]", key); } } return info; }
/** * Caches the specified info if authentication caching * {@link #isAuthenticationCachingEnabled(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo) isEnabled} * for the specific token/info pair and a cache instance is available to be used. * * @param token the authentication token submitted which resulted in a successful authentication attempt. * @param info the AuthenticationInfo to cache as a result of the successful authentication attempt. * @since 1.2 */ private void cacheAuthenticationInfoIfPossible(AuthenticationToken token, AuthenticationInfo info) { if (!isAuthenticationCachingEnabled(token, info)) { log.debug("AuthenticationInfo caching is disabled for info [{}]. Submitted token: [{}].", info, token); //return quietly, caching is disabled for this token/info pair: return; } Cache<Object, AuthenticationInfo> cache = getAvailableAuthenticationCache(); if (cache != null) { Object key = getAuthenticationCacheKey(token); cache.put(key, info); log.trace("Cached AuthenticationInfo for continued authentication. key=[{}], value=[{}].", key, info); } }
/** * Clears out the AuthenticationInfo cache entry for the specified account. * <p/> * This method is provided as a convenience to subclasses so they can invalidate a cache entry when they * change an account's authentication data (e.g. reset password) during runtime. Because an account's * AuthenticationInfo can be cached, there needs to be a way to invalidate the cache for only that account so that * subsequent authentication operations don't used the (old) cached value if account data changes. * <p/> * After this method is called, the next authentication for that same account will result in a call to * {@link #doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken) doGetAuthenticationInfo}, and the * resulting return value will be cached before being returned so it can be reused for later authentications. * <p/> * If you wish to clear out all associated cached data (and not just authentication data), use the * {@link #clearCache(org.apache.shiro.subject.PrincipalCollection)} method instead (which will in turn call this * method by default). * * @param principals the principals of the account for which to clear the cached AuthorizationInfo. * @see #clearCache(org.apache.shiro.subject.PrincipalCollection) * @since 1.2 */ protected void clearCachedAuthenticationInfo(PrincipalCollection principals) { if (!isEmpty(principals)) { Cache<Object, AuthenticationInfo> cache = getAvailableAuthenticationCache(); //cache instance will be non-null if caching is enabled: if (cache != null) { Object key = getAuthenticationCacheKey(principals); cache.remove(key); } } }
/** * This implementation attempts to acquire an authentication cache if one is not already configured. * * @since 1.2 */ protected void afterCacheManagerSet() { //trigger obtaining the authorization cache if possible getAvailableAuthenticationCache(); }
/** * Initializes this realm and potentially enables an authentication cache, depending on configuration. Based on * the availability of an authentication cache, this class functions as follows: * <ol> * <li>If the {@link #setAuthenticationCache cache} property has been set, it will be * used to cache the AuthenticationInfo objects returned from {@link #getAuthenticationInfo} * method invocations. * All future calls to {@link #getAuthenticationInfo} will attempt to use this cache first * to alleviate any potentially unnecessary calls to an underlying data store.</li> * <li>If the {@link #setAuthenticationCache cache} property has <b>not</b> been set, * the {@link #setCacheManager cacheManager} property will be checked. * If a {@code cacheManager} has been set, it will be used to eagerly acquire an authentication * {@code cache}, and this cache which will be used as specified in #1.</li> * <li>If neither the {@link #setAuthenticationCache (org.apache.shiro.cache.Cache) authenticationCache} * or {@link #setCacheManager(org.apache.shiro.cache.CacheManager) cacheManager} * properties are set, caching will not be utilized and authentication look-ups will be delegated to * subclass implementations for each authentication attempt.</li> * </ol> * <p/> * This method finishes by calling {@link #onInit()} is to allow subclasses to perform any init behavior desired. * * @since 1.2 */ public final void init() { //trigger obtaining the authorization cache if possible getAvailableAuthenticationCache(); onInit(); }
/** * Returns any cached AuthenticationInfo corresponding to the specified token or {@code null} if there currently * isn't any cached data. * * @param token the token submitted during the authentication attempt. * @return any cached AuthenticationInfo corresponding to the specified token or {@code null} if there currently * isn't any cached data. * @since 1.2 */ private AuthenticationInfo getCachedAuthenticationInfo(AuthenticationToken token) { AuthenticationInfo info = null; Cache<Object, AuthenticationInfo> cache = getAvailableAuthenticationCache(); if (cache != null && token != null) { log.trace("Attempting to retrieve the AuthenticationInfo from cache."); Object key = getAuthenticationCacheKey(token); info = cache.get(key); if (info == null) { log.trace("No AuthorizationInfo found in cache for key [{}]", key); } else { log.trace("Found cached AuthorizationInfo for key [{}]", key); } } return info; }
/** * Caches the specified info if authentication caching * {@link #isAuthenticationCachingEnabled(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo) isEnabled} * for the specific token/info pair and a cache instance is available to be used. * * @param token the authentication token submitted which resulted in a successful authentication attempt. * @param info the AuthenticationInfo to cache as a result of the successful authentication attempt. * @since 1.2 */ private void cacheAuthenticationInfoIfPossible(AuthenticationToken token, AuthenticationInfo info) { if (!isAuthenticationCachingEnabled(token, info)) { log.debug("AuthenticationInfo caching is disabled for info [{}]. Submitted token: [{}].", info, token); //return quietly, caching is disabled for this token/info pair: return; } Cache<Object, AuthenticationInfo> cache = getAvailableAuthenticationCache(); if (cache != null) { Object key = getAuthenticationCacheKey(token); cache.put(key, info); log.trace("Cached AuthenticationInfo for continued authentication. key=[{}], value=[{}].", key, info); } }
/** * Clears out the AuthenticationInfo cache entry for the specified account. * <p/> * This method is provided as a convenience to subclasses so they can invalidate a cache entry when they * change an account's authentication data (e.g. reset password) during runtime. Because an account's * AuthenticationInfo can be cached, there needs to be a way to invalidate the cache for only that account so that * subsequent authentication operations don't used the (old) cached value if account data changes. * <p/> * After this method is called, the next authentication for that same account will result in a call to * {@link #doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken) doGetAuthenticationInfo}, and the * resulting return value will be cached before being returned so it can be reused for later authentications. * <p/> * If you wish to clear out all associated cached data (and not just authentication data), use the * {@link #clearCache(org.apache.shiro.subject.PrincipalCollection)} method instead (which will in turn call this * method by default). * * @param principals the principals of the account for which to clear the cached AuthorizationInfo. * @see #clearCache(org.apache.shiro.subject.PrincipalCollection) * @since 1.2 */ protected void clearCachedAuthenticationInfo(PrincipalCollection principals) { if (!isEmpty(principals)) { Cache<Object, AuthenticationInfo> cache = getAvailableAuthenticationCache(); //cache instance will be non-null if caching is enabled: if (cache != null) { Object key = getAuthenticationCacheKey(principals); cache.remove(key); } } }