Oops! This: "Any Shiro component that implements CacheManager will automatically receive a configured CacheManager, where it can be used to acquire Cache instances."
Should read as this: "Any Shiro component that implements *CacheManagerAware* will automatically receive a configured CacheManager, where it can be used to acquire Cache instances." On Fri, Mar 25, 2011 at 11:34 AM, Les Hazlewood <[email protected]> wrote: > Hi guys, > > Until we can spend a proper amount of time writing the docs for this, > here is the 'Cliff's Notes' version: > > Shiro has three important cache interfaces: > > org.apache.shiro.cache.CacheManager and > org.apache.shiro.cache.Cache > org.apache.shiro.cache.CacheManagerAware > > A CacheManager returns Cache instances and various Shiro components > use those Cache instances to cache data as necessary. Any Shiro > component that implements CacheManager will automatically receive a > configured CacheManager, where it can be used to acquire Cache > instances. > > The Shiro SecurityManager implementations and all AuthorizingRealm > implementations implement CacheManagerAware. If you set the > CacheManager on the SecurityManager, it will in turn set it on the > various Realms that implement CacheManagerAware as well (OO > delegation). For example, in shiro.ini: > > securityManager.realms = $myRealm1, $myRealm2, ..., $myRealmN > ... > cacheManager = my.implementation.of.CacheManager > ... > securityManager.cacheManager = $cacheManager > # at this point, the securityManager and all CacheManagerAware > # realms have been set with the cacheManager instance > > We have out-of-the-box Ehcache implementations of CacheManager/Cache, > so you can use that today if you wanted. Otherwise, you can implement > your own CacheManager (e.g. via Coherence, etc) and configure it as > above, and you'll be good to go. > > Finally note that AuthorizingRealm has a convenience method > 'clearCachedAuthorizationInfo' that can be called by subclasses to > evict the cached authzInfo for a particular account. It is usually > called by custom logic if the corresponding account's authz data has > changed (to ensure the next authz check will pick up the new data). > > Does this help? Are there any glaring holes that you guys are still > wondering about? > > Cheers, > > -- > Les Hazlewood > Founder, Katasoft, Inc. > Application Security Products & Professional Apache Shiro Support and > Training: > http://www.katasoft.com
