Author: bdaw Date: 2008-05-21 10:11:59 -0400 (Wed, 21 May 2008) New Revision: 10792 Added: branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/aspects/server/IdentityCacheInterceptor.java branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/ branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPRoleModuleWrapper.java branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPUserModuleWrapper.java branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/CachedUserProfileModuleWrapper.java branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/IdentityCacheService.java Modified: branches/JBoss_Portal_Branch_2_6/build/build-thirdparty.xml branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/service/IdentityServiceControllerImpl.java branches/JBoss_Portal_Branch_2_6/core/src/resources/portal-core-sar/META-INF/jboss-service.xml branches/JBoss_Portal_Branch_2_6/core/src/resources/portal-core-sar/conf/login-config.xml Log: LDAP performance improvements Modified: branches/JBoss_Portal_Branch_2_6/build/build-thirdparty.xml =================================================================== --- branches/JBoss_Portal_Branch_2_6/build/build-thirdparty.xml 2008-05-21 13:27:04 UTC (rev 10791) +++ branches/JBoss_Portal_Branch_2_6/build/build-thirdparty.xml 2008-05-21 14:11:59 UTC (rev 10792) @@ -51,7 +51,7 @@ <componentref name="jboss-portal/modules/web" version="1.1.0"/> <componentref name="jboss-portal/modules/test" version="1.0.1"/> <componentref name="jboss-portal/modules/portlet" version="1.0.3"/> - <componentref name="jboss-portal/modules/identity" version="1.0.3"/> + <componentref name="jboss-portal/modules/identity" version="1.0-SNAPSHOT"/> <componentref name="antlr" version="2.7.6.ga"/> <componentref name="apache-ant" version="1.6.5"/> <componentref name="jackrabbit" version="1.1.1"/> Added: branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/aspects/server/IdentityCacheInterceptor.java =================================================================== --- branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/aspects/server/IdentityCacheInterceptor.java (rev 0) +++ branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/aspects/server/IdentityCacheInterceptor.java 2008-05-21 14:11:59 UTC (rev 10792) @@ -0,0 +1,88 @@ +/* +* JBoss, a division of Red Hat +* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ + +package org.jboss.portal.core.aspects.server; + +import org.jboss.portal.core.identity.cache.IdentityCacheService; +import org.jboss.portal.server.ServerInterceptor; +import org.jboss.portal.server.ServerInvocation; +import org.jboss.portal.common.invocation.InvocationException; +import org.jboss.logging.Logger; + +import javax.naming.InitialContext; +import javax.naming.NamingException; + +/** + * @author <a href="mailto:boleslaw dot dawidowicz at redhat anotherdot com">Boleslaw Dawidowicz</a> + * @version : 0.1 $ + */ +public class IdentityCacheInterceptor extends ServerInterceptor +{ + + /** Our logger. */ + private static final Logger log = Logger.getLogger(IdentityCacheInterceptor.class); + + private IdentityCacheService identityCacheService; + + public IdentityCacheService getIdentityCacheService() + { + if (identityCacheService == null) + { + try + { + identityCacheService = (IdentityCacheService)new InitialContext().lookup(IdentityCacheService.JNDI_NAME); + } + catch (NamingException e) + { + log.debug("Could not obtain IdentityCacheService. Setting empty wrapper"); + identityCacheService = new EmptyIdentityCache(); + } + } + return identityCacheService; + } + + protected void invoke(ServerInvocation invocation) throws Exception, InvocationException + { + + try + { + invocation.invokeNext(); + } + finally + { + IdentityCacheService cache = getIdentityCacheService(); + if (cache != null) + { + cache.cleanup(); + } + } + + } + + private class EmptyIdentityCache extends IdentityCacheService + { + public void cleanup() + { + // Do nothing + } + } +} Added: branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPRoleModuleWrapper.java =================================================================== --- branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPRoleModuleWrapper.java (rev 0) +++ branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPRoleModuleWrapper.java 2008-05-21 14:11:59 UTC (rev 10792) @@ -0,0 +1,161 @@ +/* +* JBoss, a division of Red Hat +* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ + +package org.jboss.portal.core.identity.cache; + +import org.jboss.portal.identity.ldap.LDAPRoleModule; +import org.jboss.portal.identity.ldap.LDAPRoleImpl; +import org.jboss.portal.identity.RoleModule; +import org.jboss.portal.identity.Role; +import org.jboss.portal.identity.IdentityException; + +import javax.naming.NamingException; +import javax.naming.directory.Attributes; +import java.util.Set; +import java.util.List; +import java.util.HashSet; + +/** + * @author <a href="mailto:boleslaw dot dawidowicz at redhat anotherdot com">Boleslaw Dawidowicz</a> + * @version : 0.1 $ + */ +public class CachedLDAPRoleModuleWrapper extends LDAPRoleModule implements RoleModule +{ + private LDAPRoleModule ldapRoleModule; + + private IdentityCacheService cacheService; + + public CachedLDAPRoleModuleWrapper(LDAPRoleModule ldapRoleModule, IdentityCacheService cacheService) + { + this.ldapRoleModule = ldapRoleModule; + this.cacheService = cacheService; + } + + public Role findRoleByName(String name) throws IdentityException, IllegalArgumentException + { + Role role = cacheService.findRoleByName(name); + + if (role != null) + { + return role; + } + + return ldapRoleModule.findRoleByName(name); + } + + public Set findRolesByNames(String[] names) throws IdentityException, IllegalArgumentException + { + + //Check if all roles needed are in cache. If not just delegate to the wrapped module + Set roles = new HashSet(); + + for (String name : names) + { + Role role = cacheService.findRoleByName(name); + if (role != null) + { + roles.add(role); + } + else + { + roles = ldapRoleModule.findRolesByNames(names); + break; + } + } + + return roles; + } + + public Role findRoleById(Object id) throws IdentityException, IllegalArgumentException + { + Role role = cacheService.findRoleById(id); + + if (role != null) + { + return role; + } + + return ldapRoleModule.findRoleById(id); + } + + public Role findRoleById(String id) throws IdentityException, IllegalArgumentException + { + return this.findRoleById((Object)id); + } + + public Role createRole(String name, String displayName) throws IdentityException, IllegalArgumentException + { + Role role = ldapRoleModule.createRole(name, displayName); + + cacheService.storeRole(role); + + return role; + } + + public void removeRole(Object id) throws IdentityException, IllegalArgumentException + { + ldapRoleModule.removeRole(id); + + // Invalidate this role in cache + Role role = cacheService.findRoleById(id); + if (role != null) + { + cacheService.invalidateRole(role); + } + } + + public int getRolesCount() throws IdentityException + { + return ldapRoleModule.getRolesCount(); + } + + public Set findRoles() throws IdentityException + { + return ldapRoleModule.findRoles(); + } + + public List searchRoles(String filter, Object[] filterArgs) throws NamingException, IdentityException + { + return ldapRoleModule.searchRoles(filter, filterArgs); + } + + // Methods of LDAPRoleModule - need to delegate for compatibility + + public void updateDisplayName(LDAPRoleImpl ldapr, String name) throws IdentityException + { + ldapRoleModule.updateDisplayName(ldapr, name); + + cacheService.invalidateRole(ldapr); + } + + public LDAPRoleImpl createRoleInstance(Attributes attrs, String dn) throws IdentityException + { + return ldapRoleModule.createRoleInstance(attrs, dn); + } + + public Role findRoleByDN(String dn) throws IdentityException, IllegalArgumentException + { + return ldapRoleModule.findRoleByDN(dn); + } + + +} Added: branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPUserModuleWrapper.java =================================================================== --- branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPUserModuleWrapper.java (rev 0) +++ branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPUserModuleWrapper.java 2008-05-21 14:11:59 UTC (rev 10792) @@ -0,0 +1,168 @@ +/* +* JBoss, a division of Red Hat +* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ + +package org.jboss.portal.core.identity.cache; + +import org.jboss.portal.identity.UserModule; +import org.jboss.portal.identity.User; +import org.jboss.portal.identity.IdentityException; +import org.jboss.portal.identity.NoSuchUserException; +import org.jboss.portal.identity.IdentityContext; +import org.jboss.portal.identity.UserProfileModule; +import org.jboss.portal.identity.Role; +import org.jboss.portal.identity.ldap.LDAPUserModule; +import org.jboss.portal.identity.ldap.LDAPUserImpl; +import org.jboss.portal.identity.ldap.LDAPConnectionContext; +import org.jboss.portal.identity.service.IdentityModuleService; + +import javax.naming.NamingException; +import javax.naming.directory.Attributes; +import java.util.Set; +import java.util.List; +import java.util.Map; + +/** + * @author <a href="mailto:boleslaw dot dawidowicz at redhat anotherdot com">Boleslaw Dawidowicz</a> + * @version : 0.1 $ + */ +public class CachedLDAPUserModuleWrapper extends LDAPUserModule implements UserModule +{ + private LDAPUserModule userModule; + + private IdentityCacheService cacheService; + + private static final org.jboss.logging.Logger log = org.jboss.logging.Logger.getLogger(CachedLDAPUserModuleWrapper.class); + + public CachedLDAPUserModuleWrapper(LDAPUserModule userModule, IdentityCacheService cacheService) + { + this.userModule = userModule; + this.cacheService = cacheService; + } + + + public User findUserByUserName(String userName) throws IdentityException, IllegalArgumentException, NoSuchUserException + { + if (userName == null) + { + throw new IllegalArgumentException("UserName cannot be null"); + } + + User user = cacheService.findUserByUserName(userName); + + if (user != null) + { + return user; + } + + user = userModule.findUserByUserName(userName); + + cacheService.storeUser(user); + + return user; + } + + public User findUserById(Object id) throws IdentityException, IllegalArgumentException, NoSuchUserException + { + if (id == null) + { + throw new IllegalArgumentException("User id cannot be null"); + } + + User user = cacheService.findUserById(id); + + if (user != null) + { + return user; + } + + user = userModule.findUserById(id); + + cacheService.storeUser(user); + + return user; + } + + public User findUserById(String id) throws IdentityException, IllegalArgumentException, NoSuchUserException + { + return findUserById((Object)id); + } + + public User createUser(String userName, String password) throws IdentityException, IllegalArgumentException + { + return userModule.createUser(userName, password); + } + + public void removeUser(Object id) throws IdentityException, IllegalArgumentException + { + userModule.removeUser(id); + + // Invalidate this user in cache + User user = cacheService.findUserById(id); + if (user != null) + { + cacheService.invalidateUser(user); + } + } + + public Set findUsers(int offset, int limit) throws IdentityException, IllegalArgumentException + { + return userModule.findUsers(offset, limit); + } + + public Set findUsersFilteredByUserName(String filter, int offset, int limit) throws IdentityException, IllegalArgumentException + { + return userModule.findUsersFilteredByUserName(filter, offset, limit); + } + + public int getUserCount() throws IdentityException, IllegalArgumentException + { + return userModule.getUserCount(); + } + + public List searchUsers(String filter, Object[] filterArgs) throws NamingException, IdentityException + { + return userModule.searchUsers(filter, filterArgs); + } + + public void updatePassword(LDAPUserImpl ldapu, String password) throws IdentityException + { + userModule.updatePassword(ldapu, password); + } + + public boolean validatePassword(LDAPUserImpl ldapu, String password) throws IdentityException + { + return userModule.validatePassword(ldapu, password); + } + + // Methods of LDAPUserModule - need to delegate for compatibility + public LDAPUserImpl createUserInstance(Attributes attrs, String dn) throws IdentityException + { + return userModule.createUserInstance(attrs, dn); + } + + public User findUserByDN(String dn) throws IdentityException, IllegalArgumentException, NoSuchUserException + { + return userModule.findUserByDN(dn); + } + + +} Added: branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/CachedUserProfileModuleWrapper.java =================================================================== --- branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/CachedUserProfileModuleWrapper.java (rev 0) +++ branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/CachedUserProfileModuleWrapper.java 2008-05-21 14:11:59 UTC (rev 10792) @@ -0,0 +1,95 @@ +/* +* JBoss, a division of Red Hat +* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ + +package org.jboss.portal.core.identity.cache; + +import org.jboss.portal.identity.UserProfileModule; +import org.jboss.portal.identity.User; +import org.jboss.portal.identity.IdentityException; +import org.jboss.portal.identity.info.ProfileInfo; +import org.jboss.logging.Logger; + +import java.util.Map; + +/** + * @author <a href="mailto:boleslaw dot dawidowicz at redhat anotherdot com">Boleslaw Dawidowicz</a> + * @version : 0.1 $ + */ +public class CachedUserProfileModuleWrapper implements UserProfileModule +{ + + private static final Logger log = Logger.getLogger(CachedUserProfileModuleWrapper.class); + + private UserProfileModule userProfileModule; + + private IdentityCacheService cacheService; + + public CachedUserProfileModuleWrapper(UserProfileModule userProfileModule, IdentityCacheService identityCacheService) + { + this.userProfileModule = userProfileModule; + this.cacheService = identityCacheService; + } + + public Object getProperty(User user, String propertyName) throws IdentityException, IllegalArgumentException + { + // Just grab the whole profile and check if this property is there + + Map profile = this.getProperties(user); + + if (profile != null && profile.containsKey(propertyName)) + { + + return profile.get(propertyName); + } + + // else delegate to the wrapped implementation + + return userProfileModule.getProperty(user, propertyName); + + } + + public void setProperty(User user, String name, Object property) throws IdentityException, IllegalArgumentException + { + userProfileModule.setProperty(user, name, property); + cacheService.invalidateProfile(user); + + } + + public Map getProperties(User user) throws IdentityException, IllegalArgumentException + { + Map profile = cacheService.findUserProfileById(user.getId()); + + if (profile != null) + { + return profile; + } + + profile = userProfileModule.getProperties(user); + cacheService.storeProfile(user, profile); + return profile; + } + + public ProfileInfo getProfileInfo() throws IdentityException + { + return userProfileModule.getProfileInfo(); + } +} Added: branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/IdentityCacheService.java =================================================================== --- branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/IdentityCacheService.java (rev 0) +++ branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/cache/IdentityCacheService.java 2008-05-21 14:11:59 UTC (rev 10792) @@ -0,0 +1,258 @@ +/* +* JBoss, a division of Red Hat +* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ + +package org.jboss.portal.core.identity.cache; + +import org.jboss.portal.identity.User; +import org.jboss.portal.identity.Role; + +import java.util.Map; +import java.util.HashMap; + +/** + * @author <a href="mailto:boleslaw dot dawidowicz at redhat anotherdot com">Boleslaw Dawidowicz</a> + * @version : 0.1 $ + */ +public class IdentityCacheService +{ + private static final org.jboss.logging.Logger log = org.jboss.logging.Logger.getLogger(IdentityCacheService.class); + + public final static String JNDI_NAME = "java:portal/IdentityCacheService"; + + protected ThreadLocal<Map<String, User>> userNameCache = new ThreadLocal<Map<String, User>>(); + + protected ThreadLocal<Map<Object, User>> userIdCache = new ThreadLocal<Map<Object, User>>(); + + protected ThreadLocal<Map<Object, Map>> profileCache = new ThreadLocal<Map<Object, Map>>(); + + protected ThreadLocal<Map<String, Role>> roleNameCache = new ThreadLocal<Map<String, Role>>(); + + protected ThreadLocal<Map<Object, Role>> roleIdCache = new ThreadLocal<Map<Object, Role>>(); + + + public void cleanup() + { + userNameCache.set(null); + userIdCache.set(null); + profileCache.set(null); + roleNameCache.set(null); + roleIdCache.set(null); + + log.debug("Identity cache invalidated"); + } + + private Map<String, User> getUserNameCache() + { + if (userNameCache.get() == null) + { + userNameCache.set(new HashMap<String, User>()); + } + return userNameCache.get(); + } + + private Map<Object, User> getUserIdCache() + { + if (userIdCache.get() == null) + { + userIdCache.set(new HashMap<Object, User>()); + } + return userIdCache.get(); + } + + private Map<Object, Map> getProfileCache() + { + if (profileCache.get() == null) + { + profileCache.set(new HashMap<Object, Map>()); + } + return profileCache.get(); + } + + private Map<String, Role> getRoleNameCache() + { + if (roleNameCache.get() == null) + { + roleNameCache.set(new HashMap<String, Role>()); + } + return roleNameCache.get(); + } + + private Map<Object, Role> getRoleIdCache() + { + if (roleIdCache.get() == null) + { + roleIdCache.set(new HashMap<Object, Role>()); + } + return roleIdCache.get(); + } + + public void storeUser(User user) + { + // We want to be transparent so just ignore null argument + if (user != null) + { + getUserIdCache().put(user.getId(), user); + getUserNameCache().put(user.getUserName(), user); + + if (log.isDebugEnabled()) + { + log.debug("User cached for id=" + user.getId() + "; username=" + user.getUserName()); + } + } + } + + public void invalidateUser(User user) + { + // We want to be transparent so just ignore null argument + if (user != null) + { + getUserIdCache().put(user.getId(), null); + getUserNameCache().put(user.getUserName(), null); + + if (log.isDebugEnabled()) + { + log.debug("User invalidated in cache for id=" + user.getId() + "; username=" + user.getUserName()); + } + } + } + + public void storeProfile(User user, Map profile) + { + // We want to be transparent so just ignore null argument + if (user != null && profile != null) + { + getProfileCache().put(user.getId(), profile); + + if (log.isDebugEnabled()) + { + log.debug("User profile cached for id=" + user.getId()); + } + } + } + + + public void invalidateProfile(User user) + { + // We want to be transparent so just ignore null argument + if (user != null) + { + getProfileCache().put(user.getId(), null); + + if (log.isDebugEnabled()) + { + log.debug("User profile invalidated in cache for id=" + user.getId()); + } + } + } + + public void storeRole(Role role) + { + // We want to be transparent so just ignore null argument + if (role != null) + { + getRoleIdCache().put(role.getId(), role); + getRoleNameCache().put(role.getName(), role); + + if (log.isDebugEnabled()) + { + log.debug("Role cached for id=" + role.getId() + "; name=" + role.getName()); + } + } + } + + public void invalidateRole(Role role) + { + // We want to be transparent so just ignore null argument + if (role != null) + { + getRoleIdCache().put(role.getId(), null); + getRoleNameCache().put(role.getName(), null); + + if (log.isDebugEnabled()) + { + log.debug("Role invalidated in cache for id=" + role.getId() + "; name=" + role.getName()); + } + } + } + + public User findUserByUserName(String userName) + { + User user = getUserNameCache().get(userName); + + if (user != null && log.isDebugEnabled()) + { + log.debug("User retreived from cache for username=" + user.getUserName()); + } + + return user; + } + + public User findUserById(Object id) + { + User user = getUserIdCache().get(id); + + if (user != null && log.isDebugEnabled()) + { + log.debug("User retreived from cache for id=" + user.getId()); + } + + return user; + } + + public Map findUserProfileById(Object id) + { + Map profile = getProfileCache().get(id); + + if (profile != null && log.isDebugEnabled()) + { + log.debug("User profile retreived from cache for user id=" + id); + } + + return profile; + } + + public Role findRoleByName(String roleName) + { + Role role = getRoleNameCache().get(roleName); + + if (role != null && log.isDebugEnabled()) + { + log.debug("Role retreived from cache for name=" + role.getName()); + } + + return role; + } + + public Role findRoleById(Object id) + { + Role role = getRoleIdCache().get(id); + + if (role != null && log.isDebugEnabled()) + { + log.debug("Role retreived from cache for id=" + role.getId()); + } + + return role; + } + + +} Modified: branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/service/IdentityServiceControllerImpl.java =================================================================== --- branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/service/IdentityServiceControllerImpl.java 2008-05-21 13:27:04 UTC (rev 10791) +++ branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/identity/service/IdentityServiceControllerImpl.java 2008-05-21 14:11:59 UTC (rev 10792) @@ -30,16 +30,31 @@ import org.jboss.portal.identity.IdentityException; import org.jboss.portal.identity.IdentityServiceController; import org.jboss.portal.identity.ServiceJNDIBinder; +import org.jboss.portal.identity.UserModule; +import org.jboss.portal.identity.UserProfileModule; +import org.jboss.portal.identity.DelegatingUserProfileModuleImpl; +import org.jboss.portal.identity.RoleModule; +import org.jboss.portal.identity.ldap.LDAPUserModule; +import org.jboss.portal.identity.ldap.LDAPUserProfileModule; +import org.jboss.portal.identity.ldap.LDAPRoleModule; import org.jboss.portal.identity.boot.IdentityServiceLoader; import org.jboss.portal.identity.event.IdentityEvent; import org.jboss.portal.identity.event.IdentityEventBroadcaster; import org.jboss.portal.identity.metadata.service.IdentityServicesMetaData; +import org.jboss.portal.identity.metadata.service.ModuleServiceMetaData; +import org.jboss.portal.identity.metadata.config.ModuleMetaData; import org.jboss.portal.identity.service.IdentityConfigurationService; +import org.jboss.portal.identity.service.UserProfileModuleService; import org.jboss.portal.jems.as.JNDI; import org.jboss.portal.jems.as.system.AbstractJBossService; import org.jboss.portal.jems.as.system.JBossServiceModelMBean; +import org.jboss.portal.core.identity.cache.CachedLDAPUserModuleWrapper; +import org.jboss.portal.core.identity.cache.IdentityCacheService; +import org.jboss.portal.core.identity.cache.CachedUserProfileModuleWrapper; +import org.jboss.portal.core.identity.cache.CachedLDAPRoleModuleWrapper; import javax.management.ObjectName; +import java.util.List; /** * @author <a href="mailto:boleslaw dot dawidowicz at jboss.org">Boleslaw Dawidowicz</a> @@ -64,6 +79,8 @@ private IdentityEventBroadcaster identityEventBroadcaster; + private boolean ldapIdentityCache = true; + /** . */ protected Kernel kernel; @@ -154,6 +171,209 @@ serviceLoader.bootstrapModules(servicesMetaData.getModuleServices().getModulesList()); + UserModule userModule = (UserModule)identityContext.getObject(IdentityContext.TYPE_USER_MODULE); + + RoleModule roleModule = (RoleModule)identityContext.getObject(IdentityContext.TYPE_ROLE_MODULE); + + UserProfileModule userProfileModule = (UserProfileModule)identityContext.getObject(IdentityContext.TYPE_USER_PROFILE_MODULE); + + + // For performance reasons we inject a wrapper around some identity modules to cache the calls. This is optional + // and apply only to LDAP implementation of modules. Cache is request scoped and invalidated in server interceptor + // IdentityCacheInterceptor + + if (isLdapIdentityCache()) + { + ServiceJNDIBinder binder = new SimpleServiceJNDIBinder(); + + IdentityCacheService cacheService = new IdentityCacheService(); + + binder.bind(IdentityCacheService.JNDI_NAME, cacheService); + + List modules = servicesMetaData.getModuleServices().getModulesList(); + + if (userModule instanceof LDAPUserModule) + { + LDAPUserModule ldapUserModule = (LDAPUserModule)userModule; + + // Unregister in IdentityContext + + identityContext.unregister(IdentityContext.TYPE_USER_MODULE); + + // Unregister in JNDI + + binder.unbind(ldapUserModule.getJNDIName()); + + // Un/egister mbean + + String serviceName = null; + + // Discover serviceName for this module type + + for (Object moduleData : modules) + { + ModuleServiceMetaData moduleService = (ModuleServiceMetaData)moduleData; + ModuleMetaData module = moduleService.getModuleData(); + + if (module.getType().equals(ldapUserModule.getModuleType())) + { + serviceName = module.getServiceName(); + break; + } + } + + // If we have the service name then follow with registration + + if (serviceName != null) + { + // Unregister + + ObjectName on = new ObjectName(serviceName); + if (getServer().isRegistered(on)) + { + getServer().unregisterMBean(on); + } + } + + + CachedLDAPUserModuleWrapper userModuleWrapper = new CachedLDAPUserModuleWrapper((LDAPUserModule)userModule, cacheService); + + // Register wrapper + identityContext.register(userModuleWrapper, ldapUserModule.getModuleType()); + binder.bind(ldapUserModule.getJNDIName(), userModuleWrapper); + + if (serviceName != null) + { + // Register + + JBossServiceModelMBean mbean = new JBossServiceModelMBean(userModuleWrapper); + getServer().registerMBean(mbean, new ObjectName(serviceName)); + } + + } + + if (roleModule instanceof LDAPRoleModule) + { + LDAPRoleModule ldapRoleModule = (LDAPRoleModule)roleModule; + + // Unregister in IdentityContext + + identityContext.unregister(IdentityContext.TYPE_ROLE_MODULE); + + // Unregister in JNDI + + binder.unbind(ldapRoleModule.getJNDIName()); + + // Un/egister mbean + + String serviceName = null; + + // Discover serviceName for this module type + + for (Object moduleData : modules) + { + ModuleServiceMetaData moduleService = (ModuleServiceMetaData)moduleData; + ModuleMetaData module = moduleService.getModuleData(); + + if (module.getType().equals(ldapRoleModule.getModuleType())) + { + serviceName = module.getServiceName(); + break; + } + } + + // If we have the service name then follow with registration + + if (serviceName != null) + { + // Unregister + + ObjectName on = new ObjectName(serviceName); + if (getServer().isRegistered(on)) + { + getServer().unregisterMBean(on); + } + } + + + CachedLDAPRoleModuleWrapper roleModuleWrapper = new CachedLDAPRoleModuleWrapper((LDAPRoleModule)roleModule, cacheService); + + // Register wrapper + identityContext.register(roleModuleWrapper, ldapRoleModule.getModuleType()); + binder.bind(ldapRoleModule.getJNDIName(), roleModuleWrapper); + + if (serviceName != null) + { + // Register + + JBossServiceModelMBean mbean = new JBossServiceModelMBean(roleModuleWrapper); + getServer().registerMBean(mbean, new ObjectName(serviceName)); + } + + } + + if (userProfileModule instanceof LDAPUserProfileModule || + userProfileModule instanceof DelegatingUserProfileModuleImpl) + { + UserProfileModuleService profileModuleService = (UserProfileModuleService)userProfileModule; + + // Unregister in IdentityContext + + identityContext.unregister(IdentityContext.TYPE_USER_PROFILE_MODULE); + + // Unregister in JNDI + + binder.unbind(profileModuleService.getJNDIName()); + + // Un/egister mbean + + String serviceName = null; + + // Discover serviceName for this module type + + for (Object moduleData : modules) + { + ModuleServiceMetaData moduleService = (ModuleServiceMetaData)moduleData; + ModuleMetaData module = moduleService.getModuleData(); + + if (module.getType().equals(profileModuleService.getModuleType())) + { + serviceName = module.getServiceName(); + break; + } + } + + // If we have the service name then follow with registration + + if (serviceName != null) + { + // Unregister + + ObjectName on = new ObjectName(serviceName); + if (getServer().isRegistered(on)) + { + getServer().unregisterMBean(on); + } + } + + CachedUserProfileModuleWrapper userProfileModuleWrapper = new CachedUserProfileModuleWrapper(userProfileModule, cacheService); + + // Register wrapper + + identityContext.register(userProfileModuleWrapper, profileModuleService.getModuleType()); + binder.bind(profileModuleService.getJNDIName(), userProfileModuleWrapper); + + if (serviceName != null) + { + // Register + + JBossServiceModelMBean mbean = new JBossServiceModelMBean(userProfileModuleWrapper); + getServer().registerMBean(mbean, new ObjectName(serviceName)); + } + + } + } + } catch (Throwable e) { @@ -257,4 +477,14 @@ { this.identityEventBroadcaster = identityEventBroadcaster; } + + public boolean isLdapIdentityCache() + { + return ldapIdentityCache; + } + + public void setLdapIdentityCache(boolean ldapIdentityCache) + { + this.ldapIdentityCache = ldapIdentityCache; + } } Modified: branches/JBoss_Portal_Branch_2_6/core/src/resources/portal-core-sar/META-INF/jboss-service.xml =================================================================== --- branches/JBoss_Portal_Branch_2_6/core/src/resources/portal-core-sar/META-INF/jboss-service.xml 2008-05-21 13:27:04 UTC (rev 10791) +++ branches/JBoss_Portal_Branch_2_6/core/src/resources/portal-core-sar/META-INF/jboss-service.xml 2008-05-21 14:11:59 UTC (rev 10792) @@ -155,6 +155,13 @@ <xmbean/> </mbean> <mbean + code="org.jboss.portal.core.aspects.server.IdentityCacheInterceptor" + name="portal:service=Interceptor,type=Server,name=IdentityCache" + xmbean-dd="" + xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean"> + <xmbean/> + </mbean> + <mbean code="org.jboss.portal.server.impl.invocation.JBossInterceptorStackFactory" name="portal:service=InterceptorStackFactory,type=Server" xmbean-dd="" @@ -163,6 +170,7 @@ <depends-list optional-attribute-name="InterceptorNames"> <depends-list-element>portal:service=Interceptor,type=Server,name=SessionLock</depends-list-element> <depends-list-element>portal:service=Interceptor,type=Server,name=Transaction</depends-list-element> + <depends-list-element>portal:service=Interceptor,type=Server,name=IdentityCache</depends-list-element> <depends-list-element>portal:service=Interceptor,type=Server,name=UserEvent</depends-list-element> <depends-list-element>portal:service=Interceptor,type=Server,name=SessionInvalidator</depends-list-element> <depends-list-element>portal:service=Interceptor,type=Server,name=User</depends-list-element> Modified: branches/JBoss_Portal_Branch_2_6/core/src/resources/portal-core-sar/conf/login-config.xml =================================================================== --- branches/JBoss_Portal_Branch_2_6/core/src/resources/portal-core-sar/conf/login-config.xml 2008-05-21 13:27:04 UTC (rev 10791) +++ branches/JBoss_Portal_Branch_2_6/core/src/resources/portal-core-sar/conf/login-config.xml 2008-05-21 14:11:59 UTC (rev 10792) @@ -33,20 +33,19 @@ </authentication> </application-policy> - <application-policy name="portal"> - <authentication> + <application-policy name="portal"> + <authentication> - <!--To configure LDAP support with IdentityLoginModule please check documentation on how to - configure portal identity modules for this--> - <login-module code="org.jboss.portal.identity.auth.IdentityLoginModule" flag="required"> - <module-option name="unauthenticatedIdentity">guest</module-option> - <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option> - <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option> - <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option> - <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option> - <module-option name="additionalRole">Authenticated</module-option> - <module-option name="password-stacking">useFirstPass</module-option> - </login-module> + <!--To configure LDAP support with IdentityLoginModule please check documentation on how to + configure portal identity modules for this--> + <login-module code="org.jboss.portal.identity.auth.IdentityLoginModule" flag="required"> + <module-option name="unauthenticatedIdentity">guest</module-option> + <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option> + <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option> + <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option> + <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option> + <module-option name="additionalRole">Authenticated</module-option> + </login-module> <!--Use can use this module instead of IdentityLoginModule to bind to LDAP. It simply extends JBossSX LdapExtLoginModule so all configuration that can be applied to LdapExtLoginModule also can be applied here. For user that