Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » scout » Clearing permission cache
Clearing permission cache [message #1424817] Tue, 16 September 2014 13:03 Go to next message
Thomas Schär is currently offline Thomas SchärFriend
Messages: 4
Registered: February 2014
Junior Member
Hi!

When using permissions I want to make sure that whenever the client is restarted, the permissions are reloaded. I chose to clear the permission cache on server side when loading a new ServerSession. So the implementation in my ServerSession looks like:
...
  @Override
  protected void execLoadSession() throws ProcessingException {
    IAccessControlService service = SERVICES.getService(IAccessControlService.class);
    service.clearCacheOfUserIds(userid);
    super.execLoadSession();
    ...
  }

Is this the correct and a safe place to clear the cache? If I want to clear the cache on client runtime, I clear the cache on client side AND on server side.

When solving this problem we discussed the following questions:

  • Why are the permissions stored in a global cache which exists as long as the server is running? Why are they not bound directly to the session?
  • Is the implementation of the cache (with a simple HashMap) robust enough for concurrent queries from a lot of clients? Have there been any load tests on this issue yet?


Thanks in advance for answering my questions (especially the rather general ones)!
Thomas
Re: Clearing permission cache [message #1424918 is a reply to message #1424817] Tue, 16 September 2014 15:49 Go to previous message
Jeremie Bresson is currently offline Jeremie BressonFriend
Messages: 1243
Registered: October 2011
Senior Member
I think the idea behind the default implementation of the AccessControlStore is:
1/ The cache is cleared when the database tables responsible for authorization (users, roles, permissions...) are updated.
2/ When a user re-login, if the server is still running we do not need to reload the permissions and can just get them form the server in memory cache.

In our company we develop BSI CRM and BSI Contact Center with Eclipse Scout.
Those are real productive applications with a lot of user. We integrate the application by a lot of customer and in most of the case there are some last tests on the client infrastructure.

I just spoke with developers about your question, and it occurs that they are not using the AccessControlStore provided by Scout (from what I understood they have an improved version or something like that)

Can you define what is "a lot" of concurrent users in your case?

If you run some tests, please let us know. I think there is no reason (beside time and money) why we did not move their solution (or a similar one) inside the Eclipse Scout Framework. So do not hesitate to report your findings and your needs. We should be able to move forward on this topic.
Previous Topic:No application id has been found
Next Topic:AbstractStandaloneRwtEnvironment cannot be resolved to a type
Goto Forum:
  


Current Time: Thu Oct 19 00:20:45 GMT 2017

Powered by FUDForum. Page generated in 0.02787 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software