Sebastian Sdorra avatar Sebastian Sdorra committed 7c62f93

use ehcache as shiro cachemanager

Comments (0)

Files changed (6)

scm-plugin-backend/pom.xml

       <artifactId>shiro-guice</artifactId>
       <version>${shiro.version}</version>
     </dependency>
+    
+    <dependency>
+      <groupId>org.apache.shiro</groupId>
+      <artifactId>shiro-ehcache</artifactId>
+      <version>${shiro.version}</version>
+    </dependency>
 
   </dependencies>
 

scm-plugin-backend/src/main/java/sonia/scm/plugin/security/CacheManagerProvider.java

+/**
+ * Copyright (c) 2010, Sebastian Sdorra All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer. 2. Redistributions in
+ * binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution. 3. Neither the name of SCM-Manager;
+ * nor the names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+
+
+package sonia.scm.plugin.security;
+
+//~--- non-JDK imports --------------------------------------------------------
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import com.google.inject.Singleton;
+
+import org.apache.shiro.cache.CacheManager;
+import org.apache.shiro.cache.ehcache.EhCacheManager;
+
+/**
+ *
+ * @author Sebastian Sdorra
+ */
+@Singleton
+public class CacheManagerProvider implements Provider<CacheManager>
+{
+
+  /**
+   * Constructs ...
+   *
+   *
+   * @param cacheManager
+   */
+  @Inject
+  public CacheManagerProvider(net.sf.ehcache.CacheManager cacheManager)
+  {
+    this.cacheManager = cacheManager;
+  }
+
+  //~--- get methods ----------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  @Override
+  public CacheManager get()
+  {
+    EhCacheManager eh = new EhCacheManager();
+
+    eh.setCacheManager(cacheManager);
+
+    return eh;
+  }
+
+  //~--- fields ---------------------------------------------------------------
+
+  /** Field description */
+  private net.sf.ehcache.CacheManager cacheManager;
+}

scm-plugin-backend/src/main/java/sonia/scm/plugin/security/DefaultAdminRealm.java

 import org.apache.shiro.authc.credential.CredentialsMatcher;
 import org.apache.shiro.authz.AuthorizationInfo;
 import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.cache.CacheManager;
 import org.apache.shiro.realm.AuthorizingRealm;
 import org.apache.shiro.subject.PrincipalCollection;
 
    *
    * @param configuration
    * @param credentialsMatcher
+   * @param cacheManager
    */
   @Inject
   public DefaultAdminRealm(BackendConfiguration configuration,
-    CredentialsMatcher credentialsMatcher)
+    CredentialsMatcher credentialsMatcher, CacheManager cacheManager)
   {
-    super(credentialsMatcher);
+    super(cacheManager, credentialsMatcher);
     this.configuration = configuration;
     setAuthenticationTokenClass(UsernamePasswordToken.class);
   }

scm-plugin-backend/src/main/java/sonia/scm/plugin/security/SecurityModule.java

 
 import org.apache.shiro.authc.credential.CredentialsMatcher;
 import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
+import org.apache.shiro.cache.CacheManager;
 import org.apache.shiro.crypto.RandomNumberGenerator;
 import org.apache.shiro.crypto.SecureRandomNumberGenerator;
 import org.apache.shiro.crypto.hash.SimpleHash;
     bindConstants();
     bindCredentialsMatcher();
 
+    // bind cache manager
+    bind(CacheManager.class).toProvider(CacheManagerProvider.class);
+
     // bind realm
     bindRealm().to(DefaultAdminRealm.class);
 

scm-plugin-backend/src/main/resources/config/ehcache.xml

         timeToLiveSeconds="3600"
         diskPersistent="false"
   />
+  
+  <!-- shiro -->
+  
+  <!-- We want eternal="true" and no timeToIdle or timeToLive settings because Shiro manages session
+       expirations explicitly.  If we set it to false and then set corresponding timeToIdle and timeToLive properties,
+       ehcache would evict sessions without Shiro's knowledge, which would cause many problems
+      (e.g. "My Shiro session timeout is 30 minutes - why isn't a session available after 2 minutes?"
+             Answer - ehcache expired it due to the timeToIdle property set to 120 seconds.)
+
+      diskPersistent=true since we want an enterprise session management feature - ability to use sessions after
+      even after a JVM restart.  -->
+  <cache name="shiro-activeSessionCache"
+         maxElementsInMemory="10000"
+         overflowToDisk="true"
+         eternal="true"
+         timeToLiveSeconds="0"
+         timeToIdleSeconds="0"
+         diskPersistent="true"
+         diskExpiryThreadIntervalSeconds="600"
+  />
+
+  <cache name="org.apache.shiro.realm.text.PropertiesRealm-0-accounts"
+         maxElementsInMemory="1000"
+         eternal="true"
+         overflowToDisk="true"
+  />
 
 </ehcache>

scm-plugin-backend/src/main/webapp/WEB-INF/ftl/admin/index.html

 <#include "../template/header.html">
 
-<h2>Admin</h2>
+<h2>Admin (${subject.name})</h2>
 
 <#include "../template/footer.html">
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.