Package io.dropwizard.auth

Class CachingAuthorizer<P extends Principal>

  • Type Parameters:
    P - the type of principals on which the authorizer operates
    All Implemented Interfaces:
    Authorizer<P>
    public class CachingAuthorizer<P extends Principal>
extends Object
implements Authorizer<P>
    An Authorizer decorator which uses a Guava Cache to temporarily cache principals' role associations.

    Cache entries include both inclusion and exclusion of a principal within a given role.

    • Constructor Summary

      Constructors 
      Constructor Description
      CachingAuthorizer​(com.codahale.metrics.MetricRegistry metricRegistry, Authorizer<P> authorizer, com.google.common.cache.CacheBuilder<Object,​Object> builder)
      Creates a new cached authorizer.
      CachingAuthorizer​(com.codahale.metrics.MetricRegistry metricRegistry, Authorizer<P> authorizer, com.google.common.cache.CacheBuilderSpec cacheSpec)
      Creates a new cached authorizer.

    • Constructor Detail

      • CachingAuthorizer

        public CachingAuthorizer​(com.codahale.metrics.MetricRegistry metricRegistry,
                         Authorizer<P> authorizer,
                         com.google.common.cache.CacheBuilderSpec cacheSpec)
        Creates a new cached authorizer.
        Parameters:
        metricRegistry - the application's registry of metrics
        authorizer - the underlying authorizer
        cacheSpec - CacheBuilderSpec

      • CachingAuthorizer

        public CachingAuthorizer​(com.codahale.metrics.MetricRegistry metricRegistry,
                         Authorizer<P> authorizer,
                         com.google.common.cache.CacheBuilder<Object,​Object> builder)
        Creates a new cached authorizer.
        Parameters:
        metricRegistry - the application's registry of metrics
        authorizer - the underlying authorizer
        builder - a CacheBuilder

    • Method Detail

      • authorize

        public boolean authorize​(P principal,
                         String role)
        Description copied from interface: Authorizer
        Decides if access is granted for the given principal in the given role.
        Specified by:
        authorize in interface Authorizer<P extends Principal>
        Parameters:
        principal - a Principal object, representing a user
        role - a user role
        Returns:
        true, if the access is granted, false otherwise

      • invalidate

        public void invalidate​(P principal,
                       String role)
        Discards any cached role associations for the given principal and role.
        Parameters:
        principal -
        role -

      • invalidate

        public void invalidate​(P principal)
        Discards any cached role associations for the given principal.
        Parameters:
        principal -

      • invalidateAll

        public void invalidateAll​(Iterable<P> principals)
        Discards any cached role associations for the given collection of principals.
        Parameters:
        principals - a list of principals

      • invalidateAll

        public void invalidateAll​(Predicate<? super P> predicate)
        Discards any cached role associations for principals satisfying the given predicate.
        Parameters:
        predicate - a predicate to filter credentials

      • invalidateAll

        public void invalidateAll()
        Discards all cached role associations.

      • size

        public long size()
        Returns the number of principals for which there are cached role associations.
        Returns:
        the number of cached principals

      • stats

        public com.google.common.cache.CacheStats stats()
        Returns a set of statistics about the cache contents and usage.
        Returns:
        a set of statistics about the cache contents and usage