The implementation of cache authorization in Infinispan has traditionally followed the JAAS model of wrapping calls in a PrivilegedAction invoked through Subject.doAs(). This led to the following cumbersome pattern:
We also provided an implementation which, instead of relying on enabling the SecurityManager, could use a lighter and faster ThreadLocal for storing the Subject:
While this solves the performance issue, it still leads to unreadable code.
This is why, in Infinispan 9.1 we have introduced a new way to perform authorization on caches:
Obviously, for multiple invocations, you can hold on to the "impersonated" cache and reuse it:
We hope this will make your life simpler and your code more readable !
Monday, 19 June 2017
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment