在使用RMI的分布式系统上使用Apache Shiro的正确方法? [英] Correct way to use Apache Shiro on distributed system using RMI?
问题描述
我正在寻找有关如何使用Java RMI将Apache Shiro实现为分布式系统(客户端 - 服务器)的一部分的指南/提示。
I'm looking for some guidelines/tips on how to implement Apache Shiro as a part of a distributed system (client-server) using Java RMI.
I看过这个帖子的答案:如何组织RMI客户端 - 服务器架构我正在考虑使用类似的东西。我计划的是一个远程对象(可能是Singleton?),它在客户端登录时处理身份验证。如果登录成功,则会创建一个新的会话对象。但我不太确定这个对象在哪里以及存储在其中的信息。它应该传递给客户端还是作为另一个远程对象存在。
I've looked at the answer to this thread : How to organize RMI Client-Server architecture and I'm thinking of using something similar. What I have planned is a remote object (possibly a Singleton?) that handles the authentication when the client log in. If the log in is successful a new session-object is created. But I'm not quite sure where this object would belong and what information to store in it. Should it be passed on to the client or exists as another remote object.
我认为它应该被用作某种会话外观,其中来自客户的每个请求都是由Shiro授权的。
我不确定是否最好(也可能)为客户端提供Shiro知道的唯一令牌/标识符,并且可以根据每个方法调用进行授权,或者创建远程会话-facade对象对于每个连接都存在并存储有关当前用户的信息等等。
I'm thinking that it should be used as some kind of session facade where each request from the client is being authorized by Shiro. I'm not sure whether it is best (and possible) to give the client a unique token/identifier that Shiro knows about and can authorized based on for each method-invocation, or to create a remote session-facade object that exists for each connection and stores the information about the current user and so forth.
另外,我不知道Shiro在多线程中使用时如何处理Subject申请以及上述提案中的任何一个是否会引起冲突。
Also I don't know quite how Shiro handles the Subject when used in multi-threaded application and whether either of the mentioned proposals would cause a conflict.
我很期待听到你的想法 - 谢谢!
I'm looking forward to hear your thoughts on this - Thanks!
推荐答案
正如我对该问题的回答所述,登录对象确实是一个单例,而会话对象确实是另一个远程对象。
As described in my answer to that question, the login object is indeed a singleton, and the session object is indeed another remote object.
我不知道看到你提到的关于向Shiro进行身份验证的两个备选方案之间的任何区别。从Shiro的角度来看,会话对象是客户端。
I don't see any difference between the two alternatives you mention about authenticating to Shiro. From the point of view of Shiro, the session object is the client.
这篇关于在使用RMI的分布式系统上使用Apache Shiro的正确方法?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
