The role of cache: a cache authentication information and authorization information, do not always go to the database query data, but retrieved from the cache.
When we carried out a number of privileges in shiro url filter, authorization roles, such as filterMap.put ( "/ user / add", "perms [user: add]");
The program will automatically query the database to the required role permissions information, once controlled much written on our menus and buttons, then the corresponding database query many times.
1: Authorized Certification:
(1) When you first access authorization, calls the method to obtain authorization from the definition Realm of data, authorization data from a database query, and those who log on to the Principal as a key, stored in the cache. Each subsequent access authorization, you get directly from the cache rather than retrieved from the database.
2: empty the cache when:
(1) When the Log, calls the method empty the cache, will be the current Principal Lander for authorization data in the cache key emptied out.
(2) If you modify the user's permission, and the user does not exit the system, modify the permissions will not take effect, then you need to manually invoke realm clearCache method of clearing the cache until the next time access authorization data, retrieve from the database, and stored in the cache.
Case (3) the user is not logging out, close the browser, but also empty the cache.
3: Cache mode:
(1) shiro integrated cache ehcache
(2) shiro integration redis cache