zoukankan      html  css  js  c++  java
  • Shiro 修改权限,刷新权限

    shiro 访问鉴权:Realm

    AuthorizingRealm->doGetAuthorizationInfo
    doGetAuthorizationInfo
    
    protected abstract AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals)
    
    Retrieves the AuthorizationInfo for the given principals from the underlying data store. When returning an instance from this method, you might want to consider using an instance of SimpleAuthorizationInfo, as it is suitable in most cases.
    
    Parameters:
    
    principals - the primary identifying principals of the AuthorizationInfo that should be retrieved.
    
    Returns:
    
    the AuthorizationInfo associated with this principals.
    
    See Also:
    
    SimpleAuthorizationInfo

    shiro 需要访问数据库查询权限信息。

    结合缓存框架,第一次查询权限信息后缓存,在缓存生存期内,访问鉴权使用缓存中的权限信息。

    优点:减少数据库查询,缓存快速获取,提升了每次访问效率,减少了数据库压力。

    缺点:涉及权限修改,生效会有一个最大缓存生存周期的间隔期。

    解决方法:

    每次修改权限后,调用 clearCachedAuthorizationInfo 刷新权限:

    clearCachedAuthorizationInfo
    
    protected void clearCachedAuthorizationInfo(PrincipalCollection principals)
    
    Clears out the AuthorizationInfo cache entry for the specified account.
    
    This method is provided as a convenience to subclasses so they can invalidate a cache entry when they change an account's authorization data (add/remove roles or permissions) during runtime. Because an account's AuthorizationInfo can be cached, there needs to be a way to invalidate the cache for only that account so that subsequent authorization operations don't used the (old) cached value if account data changes.
    
    
    
    After this method is called, the next authorization check for that same account will result in a call to getAuthorizationInfo, and the resulting return value will be cached before being returned so it can be reused for later authorization checks.
    
    
    
    If you wish to clear out all associated cached data (and not just authorization data), use the CachingRealm.clearCache(org.apache.shiro.subject.PrincipalCollection) method instead (which will in turn call this method by default).
    
    
    
    Parameters:
    
    principals - the principals of the account for which to clear the cached AuthorizationInfo.



    示例项目:https://github.com/windwant/spring-dubbo-service

    https://github.com/windwant/spring-boot-service

  • 相关阅读:
    Objective-C马路成魔【14-关键C语言功能】
    js正则表达式语法
    Python 得到Twitter所有用户friends和followers
    error:stray'243'in program
    VC各种方法获得的窗口句柄
    新东方雅思词汇---5.2
    php中this,self,parent三个关键字的区别辨析
    英语影视台词---一、少年派的奇幻漂流
    英语常用单词分类---1
    amazeui的表单开关插件的自定义事件必须添加.bootstrapSwitch 命名空间,给了我们什么启示
  • 原文地址:https://www.cnblogs.com/niejunlei/p/8383895.html
Copyright © 2011-2022 走看看