本文共 3295 字，大约阅读时间需要 10 分钟。

shiro缓存

缓存是提供性能的重要手段。缓存适合那些经常不变动的数据，比如系统中用户的信息和权限不会经常改变，特别适合缓存起来供下次使用。这样减少了系统查询数据库的次数，提升了性能。shiro自身不实现缓存，而是提供缓存接口，让其他第三方实现，经常EHcache缓存。

shiro配置EHcache(spring-shiro-web.xml)

ehcache的配置

认证中缓存的使用(AuthenticatingRealm 类)

shiro主要使用AuthenticatingRealm 类进行认证，其中getAuthenticationInfo方法中使用了缓存。在getAuthenticationInfo中，首先判断是否有缓存记录，没有的话，再调用子类Ream的doGetAuthenticationInfo方法查询数据库，再将查询到数据缓存起来，下次就不用查询数据库。核心代码：

public final AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {        //首先从缓存中获取记录        AuthenticationInfo info = getCachedAuthenticationInfo(token);        if (info == null) {            //otherwise not cached, perform the lookup:            info = doGetAuthenticationInfo(token);            log.debug("Looked up AuthenticationInfo [{}] from doGetAuthenticationInfo", info);            if (token != null && info != null) {                  //将记录缓存起来                cacheAuthenticationInfoIfPossible(token, info);            }        } else {            log.debug("Using cached authentication info [{}] to perform credentials matching.", info);        }        if (info != null) {            assertCredentialsMatch(token, info);        } else {            log.debug("No AuthenticationInfo found for submitted AuthenticationToken [{}].  Returning null.", token);        }        return info;    }

授权中缓存的使用(AuthorizingRealm类)

主要实现为AuthorizingRealm类中getAuthorizationInfo方法。过程和认证挺相似，首先找缓存，没有的话再去数据库找。核心代码如下：

protected AuthorizationInfo getAuthorizationInfo(PrincipalCollection principals) {        if (principals == null) {            return null;        }        AuthorizationInfo info = null;        if (log.isTraceEnabled()) {            log.trace("Retrieving AuthorizationInfo for principals [" + principals + "]");        }        Cache
   
     cache = getAvailableAuthorizationCache();        if (cache != null) {            if (log.isTraceEnabled()) {                log.trace("Attempting to retrieve the AuthorizationInfo from cache.");            }            Object key = getAuthorizationCacheKey(principals);            info = cache.get(key);            if (log.isTraceEnabled()) {                if (info == null) {                    log.trace("No AuthorizationInfo found in cache for principals [" + principals + "]");                } else {                    log.trace("AuthorizationInfo found in cache for principals [" + principals + "]");                }            }        }        if (info == null) {            // Call template method if the info was not found in a cache            info = doGetAuthorizationInfo(principals);            // If the info is not null and the cache has been created, then cache the authorization info.            if (info != null && cache != null) {                if (log.isTraceEnabled()) {                    log.trace("Caching authorization info for principals: [" + principals + "].");                }                Object key = getAuthorizationCacheKey(principals);                cache.put(key, info);            }        }        return info;    }
   

源码

托管在

转载地址：http://hthrb.baihongyu.com/