I do not recommend this approach in production mode since it can hurt performance. It's better to destroy the cache [1] after updating the security model.
https://shiro.apache.org/static/current/apidocs/org/apache/shiro/cache/MemoryConstrainedCacheManager.html On Wed, Jun 11, 2014 at 10:14 AM, Ranganath Chittari (JIRA) <[email protected]> wrote: > > [ > https://issues.apache.org/jira/browse/ISIS-799?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14027537#comment-14027537 > ] > > Ranganath Chittari commented on ISIS-799: > ----------------------------------------- > > HI Dan, > > After removing caching, it's working. > Note: But even without logout( in case admin itself is updated with any role > in its session) new roles and permission are getting reflected. > > change is: > Remove the following lines from shiro.ini file: > builtInCacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager > securityManager.cacheManager = $builtInCacheManager > > > > Thanks > Ranganath. > > >> Isis Shiro - Server restart for loading new permission >> ------------------------------------------------------ >> >> Key: ISIS-799 >> URL: https://issues.apache.org/jira/browse/ISIS-799 >> Project: Isis >> Issue Type: Improvement >> Components: Core, Security: Shiro >> Affects Versions: security-shiro-1.4.0, core-1.5.0 >> Reporter: Dan Haywood >> Assignee: Dan Haywood >> Fix For: security-shiro-1.6.0, core-1.6.0 >> >> Attachments: ISIS-Security.sql, shiro.ini >> >> >> I created security ISIS service (application-specific) to create users, >> roles and permissions and their mappings from UI. >> I am facing one issue in the following scenario: >> 1. Using SQL script one user(admin) with role access to all services >> inserted into security tables >> 2. Logged in using admin to create another user(BBY) to access some >> services >> 3. Logged out admin >> 4. Logged in using BBY. BBY doesn't see those services which are given >> access by admin >> 5. Jetty server restart and logged in using BBY >> 6. BBY now can be able to see those services. >> I think when BBY user logs in should see the services as this user has got >> permissions even without restart the server. > > > > -- > This message was sent by Atlassian JIRA > (v6.2#6252)
