Author: ate
Date: Thu Jun 15 06:34:16 2006
New Revision: 414578
URL: http://svn.apache.org/viewvc?rev=414578&view=rev
Log:
Big performance boost for getting permissions when invoked multiple times
within a single thread: permissions are now cached per principal in a
ThreadLocal Map
Especially the performance of the PortletSelector security checks on which
Portlets are allowed to be added to a page is improved a lot:
8s > 300ms for the full list of avaible portlets in the demo installation on
my machine when logged on as admin.
Modified:
portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/PermissionManagerImpl.java
Modified:
portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/PermissionManagerImpl.java
URL:
http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/PermissionManagerImpl.java?rev=414578&r1=414577&r2=414578&view=diff
==============================================================================
---
portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/PermissionManagerImpl.java
(original)
+++
portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/PermissionManagerImpl.java
Thu Jun 15 06:34:16 2006
@@ -23,9 +23,9 @@
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Collection;
-import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
import java.util.Iterator;
-import java.util.List;
import javax.security.auth.Subject;
@@ -42,7 +42,6 @@
import org.apache.jetspeed.security.om.impl.InternalPermissionImpl;
import org.apache.jetspeed.security.om.impl.InternalPrincipalImpl;
import org.apache.jetspeed.util.ArgUtil;
-import org.apache.ojb.broker.metadata.FieldHelper;
import org.apache.ojb.broker.query.Criteria;
import org.apache.ojb.broker.query.Query;
import org.apache.ojb.broker.query.QueryByCriteria;
@@ -78,25 +77,45 @@
public class PermissionManagerImpl extends PersistenceBrokerDaoSupport
implements PermissionManager
{
private static final Log log =
LogFactory.getLog(PermissionManagerImpl.class);
+ private static ThreadLocal permissionsCache = new ThreadLocal();
/**
* @see
org.apache.jetspeed.security.PermissionManager#getPermissions(java.security.Principal)
*/
public Permissions getPermissions(Principal principal)
- {
+ {
String fullPath = SecurityHelper.getPreferencesFullPath(principal);
ArgUtil.notNull(new Object[] { fullPath }, new String[] { "fullPath" },
"removePermission(java.security.Principal)");
- // Remove permissions on principal.
- InternalPrincipal internalPrincipal = getInternalPrincipal(fullPath);
- Collection internalPermissions = new ArrayList();
- if (null != internalPrincipal)
+ HashMap permissionsMap = (HashMap)permissionsCache.get();
+ if ( permissionsMap == null )
+ {
+ permissionsMap = new HashMap();
+ permissionsCache.set(permissionsMap);
+ }
+ HashSet principalPermissions = (HashSet)permissionsMap.get(fullPath);
+ if ( principalPermissions == null )
{
- internalPermissions = internalPrincipal.getPermissions();
+ InternalPrincipal internalPrincipal =
getInternalPrincipal(fullPath);
+ if (null != internalPrincipal)
+ {
+ principalPermissions =
getSecurityPermissions(internalPrincipal.getPermissions());
+ }
+ if ( principalPermissions == null)
+ {
+ principalPermissions = new HashSet();
+ }
+ permissionsMap.put(fullPath, principalPermissions);
}
+
Permissions permissions = new Permissions();
- appendSecurityPermissions(internalPermissions, permissions);
+ Iterator iter =principalPermissions.iterator();
+ while (iter.hasNext())
+ {
+ permissions.add((Permission)iter.next());
+ }
+
return permissions;
}
@@ -112,20 +131,54 @@
Collection principalsFullPath = getPrincipalsFullPath(principals);
if ((null != principalsFullPath) && principalsFullPath.size() > 0)
{
- Criteria filter = new Criteria();
- filter.addIn("fullPath", principalsFullPath);
- Query query = QueryFactory.newQuery(InternalPrincipalImpl.class,
filter);
- Collection internalPrincipals =
getPersistenceBrokerTemplate().getCollectionByQuery(query);
- Iterator internalPrincipalsIter = internalPrincipals.iterator();
- while (internalPrincipalsIter.hasNext())
- {
- InternalPrincipal internalPrincipal = (InternalPrincipal)
internalPrincipalsIter.next();
- Collection internalPermissions =
internalPrincipal.getPermissions();
- if (null != internalPermissions)
+ HashSet permissionsSet = new HashSet();
+ ArrayList newPrincipals = new ArrayList();
+ HashMap permissionsMap = (HashMap)permissionsCache.get();
+ if (permissionsMap == null)
+ {
+ permissionsMap = new HashMap();
+ permissionsCache.set(permissionsMap);
+ }
+
+ Iterator iter = principalsFullPath.iterator();
+ HashSet principalPermissions;
+ while ( iter.hasNext())
+ {
+ principalPermissions =
(HashSet)permissionsMap.get(iter.next());
+ if ( principalPermissions != null )
+ {
+ iter.remove();
+ permissionsSet.addAll(principalPermissions);
+ }
+ }
+ if ( principalsFullPath.size() > 0)
+ {
+ Criteria filter = new Criteria();
+ filter.addIn("fullPath", principalsFullPath);
+ Query query =
QueryFactory.newQuery(InternalPrincipalImpl.class, filter);
+ Collection internalPrincipals =
getPersistenceBrokerTemplate().getCollectionByQuery(query);
+ Iterator internalPrincipalsIter =
internalPrincipals.iterator();
+ while (internalPrincipalsIter.hasNext())
{
- permissions =
appendSecurityPermissions(internalPermissions, permissions);
+ InternalPrincipal internalPrincipal = (InternalPrincipal)
internalPrincipalsIter.next();
+ Collection internalPermissions =
internalPrincipal.getPermissions();
+ if (null != internalPermissions)
+ {
+ principalPermissions =
getSecurityPermissions(internalPermissions);
+ permissionsSet.addAll(principalPermissions);
+ }
+ else
+ {
+ principalPermissions = new HashSet();
+ }
+
permissionsMap.put(internalPrincipal.getFullPath(),principalPermissions);
}
}
+ iter = permissionsSet.iterator();
+ while (iter.hasNext())
+ {
+ permissions.add((Permission)iter.next());
+ }
}
return permissions;
}
@@ -161,10 +214,10 @@
* </p>
*
* @param omPermissions The collection of [EMAIL PROTECTED]
InternalPermission}.
- * @return The collection of [EMAIL PROTECTED] java.security.Permission}.
*/
- private Permissions appendSecurityPermissions(Collection omPermissions,
Permissions permissions)
+ private HashSet getSecurityPermissions(Collection omPermissions)
{
+ HashSet permissions = new HashSet();
Iterator internalPermissionsIter = omPermissions.iterator();
while (internalPermissionsIter.hasNext())
{
@@ -177,19 +230,18 @@
Constructor permissionConstructor =
permissionClass.getConstructor(parameterTypes);
Object[] initArgs = { internalPermission.getName(),
internalPermission.getActions() };
permission = (Permission)
permissionConstructor.newInstance(initArgs);
-
if(!Collections.list(permissions.elements()).contains(permission))
+ if(permissions.add(permission))
{
if (log.isDebugEnabled())
{
- log.debug("Adding permimssion: [class, " +
permission.getClass().getName() + "], " + "[name, "
+ log.debug("Added permimssion: [class, " +
permission.getClass().getName() + "], " + "[name, "
+ permission.getName() + "], " + "[actions, "
+ permission.getActions() + "]");
}
- permissions.add(permission);
}
}
catch (Exception e)
{
- e.printStackTrace();
+ log.error("Internal error", e);
}
}
return permissions;
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
