This sounds promising, definitely caching would be kind of pointless if it were still doing the full 500000 iterations of a hash before every hash lookup. But I am lost on two points:
a) does the default IniRealm class return plaintext or obfuscated authentication info b) how does the caching mechanism decide whether to do the full hashing on the incoming tokens before looking up in the cache Any idea? ---- Saad -- View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-Auth-On-REST-API-Killing-CPU-tp7579340p7579342.html Sent from the Shiro User mailing list archive at Nabble.com.
