Menu
I tried to update to EhCache 3, but noticed that my AclConfig for spring-security-acl no longer works. The reason is EhCacheBasedAclCache still uses import net.sf.ehcache.Ehcache. EhCache moved to org.ehcache since version 3 and thus this no longer works. Is there a replacement class provided by spring for EhCache 3 or would i need to implement my own Acl Cache?
This is the code, which no longer works:
@Bean
public EhCacheBasedAclCache aclCache() {
return new EhCacheBasedAclCache(aclEhCacheFactoryBean().getObject(),
permissionGrantingStrategy(), aclAuthorizationStrategy());
}
954
Spring Security Access Control List is a Spring component which supports Domain Object Security. Simply put, Spring ACL helps in defining permissions for specific user/role on a single domain object – instead of across the board, at the typical per-operation level.
Permission. Interfaces and shared classes to manage access control lists (ACLs) for domain object instances. Basic implementation of access control lists (ACLs) interfaces.
An Access Control List (ACL) is a data structure that guards access to resources. The java. security. acl package provides the interface to such a data structure and the sun.
I added bounty to your question because I'm also looking for a more authoritative answer.
Here's a solution that works, but there could be a better approach & cache settings could be tuned specifically for acl.
1) The JdbcMutableAclService accepts any AclCache implementation, not just EhCacheBasedAclCache. Immediately available implementation is SpringCacheBasedAclCache. You could also implement your own.
2) Enable ehcache3 in your project with Spring Cache as abstraction. In Spring Boot this is as simple as using @EnableCache annotation. Then add @Autowired CacheManager cacheManager in your bean configuration class.
3) Update your ehcache3.xml with entry for aclCache
note - key is Serializable because Spring acl inserts cache entries keyed on both Long and ObjectIdentity :)
<cache alias="aclCache">
<key-type>java.io.Serializable</key-type>
<value-type>org.springframework.security.acls.model.MutableAcl</value-type>
<expiry>
<ttl unit="seconds">3600</ttl>
</expiry>
<resources>
<heap unit="entries">2000</heap>
<offheap unit="MB">10</offheap>
</resources>
</cache>
4) Replace your EhCacheBasedAclCache bean with SpringCacheBasedAclCache like so:
@Bean
public AclCache aclCache() {
return new SpringCacheBasedAclCache(
cacheManager.getCache("aclCache"),
permissionGrantingStrategy(),
aclAuthorizationStrategy());
}
5) Use aclCache() in JdbcMutableAclService constructor
174
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
