Shulou(Shulou.com)06/01 Report--

Editor to share with you the example analysis of shiro cache machine, I believe that most people do not know much about it, so share this article for your reference, I hope you can learn a lot after reading this article, let's go to know it!

Shiro provides an Cache abstraction similar to Spring, that is, Shiro itself does not implement Cache, but it abstracts Cache to facilitate the replacement of different underlying Cache implementations.

Cache interface provided by Shiro:

Java code

Public interface Cache {/ / get the value in the cache public V get (K key) throws CacheException; / / put key-value in the cache according to Key, return the previous value public V put (K key, V value) throws CacheException; / / remove the value corresponding to key in the cache, and return this value public V remove (K key) throws CacheException; / / clear the entire cache public void clear () throws CacheException; / / return the cache size public int size () / / get all key public Set keys () in the cache; / / get all value public Collection values () in the cache;}

CacheManager interface provided by Shiro:

Java code

Public interface CacheManager {/ / get a Cache public Cache getCache (String name) throws CacheException;} based on the cache name

Shiro also provides CacheManagerAware for injecting CacheManager:

Java code

Public interface CacheManagerAware {/ / inject CacheManager void setCacheManager (CacheManager cacheManager);}

The corresponding component (DefaultSecurityManager) within Shiro automatically detects whether the corresponding object (such as Realm) implements CacheManagerAware and automatically injects the corresponding CacheManager.

Realm caching

Shiro provides CachingRealm, which implements the CacheManagerAware interface and provides some basic implementation of caching; in addition, AuthenticatingRealm and AuthorizingRealm provide caching of AuthenticationInfo and AuthorizationInfo information, respectively.

Ini configuration

Java code

UserRealm=com.github.zhangkaitao.shiro.chapter11.realm.UserRealm userRealm.credentialsMatcher=$credentialsMatcher userRealm.cachingEnabled=true userRealm.authenticationCachingEnabled=true userRealm.authenticationCacheName=authenticationCacheuserRealm.authorizationCachingEnabled=true userRealm.authorizationCacheName=authorizationCache securityManager.realms=$userRealm cacheManager=org.apache.shiro.cache.ehcache.EhCacheManager cacheManager.cacheManagerConfigFile=classpath:shiro-ehcache.xml securityManager.cacheManager=$cacheManager

UserRealm.cachingEnabled: enable caching, default false

UserRealm.authenticationCachingEnabled: enable authentication caching, that is, cache AuthenticationInfo information, default false

UserRealm.authenticationCacheName: cache name for caching AuthenticationInfo information

UserRealm. AuthorizationCachingEnabled: enable authorization caching, that is, cache AuthorizationInfo information, default false

UserRealm. AuthorizationCacheName: cache name for caching AuthorizationInfo information

CacheManager: cache manager. Here you use EhCacheManager, that is, Ehcache implementation. You need to import the corresponding Ehcache dependencies. Please refer to pom.xml.

Because of the test case, you need to change the CacheManager of Ehcache to use VM singleton mode:

This.manager = new net.sf.ehcache.CacheManager (getCacheManagerConfigFileInputStream ())

Change to

This.manager = net.sf.ehcache.CacheManager.create (getCacheManagerConfigFileInputStream ())

Test case

Java code

@ Test public void testClearCachedAuthenticationInfo () {login (u1.getUsername (), password); userService.changePassword (u1.getId (), password + "1"); RealmSecurityManager securityManager = (RealmSecurityManager) SecurityUtils.getSecurityManager (); UserRealm userRealm = (UserRealm) securityManager.getRealms (). Iterator (). Next (); userRealm.clearCachedAuthenticationInfo (subject (). GetPrincipals ()); login (u1.getUsername (), password + "1");}

First, login is successful (the corresponding AuthenticationInfo is cached at this time), and then the password is changed; then you need to call the clearCachedAuthenticationInfo method of Realm to clear the previously cached AuthenticationInfo;, otherwise you will get the AuthenticationInfo before you change the password the next time you log in.

Java code

@ Test public void testClearCachedAuthorizationInfo () {login (u1.getUsername (), password); subject () .checkRole (r1.getRole ()); userService.correlationRoles (u1.getId (), r2.getId ()); RealmSecurityManager securityManager = (RealmSecurityManager) SecurityUtils.getSecurityManager (); UserRealm userRealm = (UserRealm) securityManager.getRealms (). Iterator (). Next (); userRealm.clearCachedAuthorizationInfo (subject (). GetPrincipals ()); subject (). CheckRole (r2.getRole ());}

Similar to the previous use case; here the clearCachedAuthorizationInfo of Realm is called to empty the previously cached AuthorizationInfo

There is also clearCache, which calls both clearCachedAuthenticationInfo and clearCachedAuthorizationInfo to clear AuthenticationInfo and AuthorizationInfo.

UserRealm also provides clearAllCachedAuthorizationInfo, clearAllCachedAuthenticationInfo, and clearAllCache to clear the entire cache.

In some cases, this may not be the best choice. You can consider directly discarding Shiro cache, and then implement your own cache through mechanisms such as AOP. For more information, please see:

Https://github.com/zhangkaitao/es/tree/master/web/src/main/java/com/sishuok/es/extra/aop

In addition, if you can consider using Spring's Cache abstraction directly when integrating with Spring, you can consider using SpringCacheManagerWrapper, which wraps SpringCache and converts it into Shiro's CacheManager implementation:

Https://github.com/zhangkaitao/es/blob/master/web/src/main/java/org/apache/shiro/cache/spring/SpringCacheManagerWrapper.java

Session caching

When we set the CacheManager of SecurityManager, such as:

Java code

SecurityManager.cacheManager=$cacheManager

When we set up SessionManager:

Java code

SessionManager=org.apache.shiro.session.mgt.DefaultSessionManager securityManager.sessionManager=$sessionManager

For example, if securityManager implements SessionsSecurityManager, it will automatically determine whether SessionManager implements the CacheManagerAware interface, and if so, it will set CacheManager to it. Then sessionManager will determine whether the corresponding sessionDAO (such as inheriting from CachingSessionDAO) implements CacheManagerAware, and if so, it will set CacheManager to it; for example, MySessionDAO in Chapter 9 is SessionDAO; with cache, which will check the cache first, and then check the database if it cannot be found.

For CachingSessionDAO, you can set the name of the cache with the following configuration:

Java code

SessionDAO=com.github.zhangkaitao.shiro.chapter11.session.dao.MySessionDAO sessionDAO.activeSessionsCacheName=shiro-activeSessionCache activeSessionsCacheName defaults to shiro-activeSessionCache. The above is all the content of this article "sample Analysis of shiro Cache Machine". Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.