Hi, I'm running a REST API on a quad-core CPU box and when I turn on Shiro authentication, the CPU's get maxed out pretty quickly. The main load is calls to the API /v1/selection as can be seen in the [urls] section below. Turn auth off and CPU utilization is very small. Reading through documentation, I thought turning on authentication caching was the key, but I have tried both the built in EhCacheManager and MeoryConstrainedCacheManager but it hasn't made any difference. I would appreciate any feedback, here is my shiro.ini file:
[main] passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher ;cacheManager = org.apache.shiro.cache.ehcache.EhCacheManager cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager securityManager.cacheManager = $cacheManager iniRealm.credentialsMatcher = $passwordMatcher iniRealm.authenticationCachingEnabled = true ; TODO - enable ssl filter for real deployment ssl.enabled = false [users] admin = $shiro1$SHA-256$500000$o51Hv+79zLxE02waEHUCAg==$AE6rpoSmI1DmI0KTL0EUt/vU0IkhXCh3l0/8hN5Epvc=, admin BeOn = $shiro1$SHA-256$500000$yM3AZt2x3Ak0rKY+DGJSBA==$jqW+7W3wYd4LVcN9zFA5B40ElLsN/C1TKPXXH38SvRQ=, BeOn_update, BeOn_read [roles] admin = * aolupdate = selection:aol:update,collection:aol:update,partition:aol:update,promotion:aol:update,algorithm:aol:update aolread = selection:aol:read,collection:aol:read,partition:aol:read,promotion:aol:read,algorithm:read,algorithm:aol:read BeOn_update = selection:BeOn:update,collection:BeOn:update,partition:BeOn:update,promotion:BeOn:update,algorithm:BeOn:update BeOn_read = selection:BeOn:read,collection:BeOn:read,partition:BeOn:read,promotion:BeOn:read,algorithm:read,algorithm:BeOn:read [urls] /v1/collection = ssl, noSessionCreation, authcBasic /v1/collection/ = ssl, noSessionCreation, authcBasic /v1/partition = ssl, noSessionCreation, authcBasic /v1/partition/ = ssl, noSessionCreation, authcBasic /v1/algorithm_config = ssl, noSessionCreation, authcBasic, rest[algorithm] /v1/algorithm_config/* = ssl, noSessionCreation, authcBasic, rest[algorithm] /v1/algorithm_config/*/ = ssl, noSessionCreation, authcBasic, rest[algorithm] /v1/algorithm_config/*/BeOn/** = ssl, noSessionCreation, authcBasic, rest[algorithm:BeOn] /v1/selection/BeOn/** = ssl, noSessionCreation, authcBasic, rest[selection:BeOn] /v1/collection/BeOn/** = ssl, noSessionCreation, authcBasic, rest[collection:BeOn] Thanks in advance for any help and/or insight. ---- Saad -- View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-Auth-On-REST-API-Killing-CPU-tp7579340.html Sent from the Shiro User mailing list archive at Nabble.com.
