Skip to content

Commit

Permalink
Introduce auth cache settings
Browse files Browse the repository at this point in the history 
- TTL for cache values
- Maximum capacity for caches
  • Loading branch information
@Mats-SX @henriknyman
Mats-SX authored and henriknyman committed Sep 7, 2016
1 parent 368ff24 commit 07b33c3
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 1 deletion.
5 changes: 4 additions & 1 deletion ...src/main/java/org/neo4j/server/security/enterprise/auth/EnterpriseAuthManagerFactory.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,10 @@ public AuthManager newInstance( Config config, LogProvider logProvider )
// TODO: Load pluggable realms
}

return new MultiRealmAuthManager( internalRealm, realms, new AuthCache.Manager( Clocks.systemClock(), 100, 100 ) );
long ttl = config.get( SecuritySettings.auth_caching_ttl );
long maxCapacity = config.get( SecuritySettings.auth_cache_max_capacity );

return new MultiRealmAuthManager( internalRealm, realms, new AuthCache.Manager( Clocks.systemClock(), ttl, maxCapacity ) );
}

private static InternalFlatFileRealm createInternalRealm( Config config, LogProvider logProvider )
Expand Down
10 changes: 10 additions & 0 deletions ...se/security/src/main/java/org/neo4j/server/security/enterprise/auth/SecuritySettings.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,9 @@
import org.neo4j.helpers.HostnamePort;

import static org.neo4j.kernel.configuration.Settings.BOOLEAN;
import static org.neo4j.kernel.configuration.Settings.DURATION;
import static org.neo4j.kernel.configuration.Settings.HOSTNAME_PORT;
import static org.neo4j.kernel.configuration.Settings.LONG;
import static org.neo4j.kernel.configuration.Settings.NO_DEFAULT;
import static org.neo4j.kernel.configuration.Settings.STRING;
import static org.neo4j.kernel.configuration.Settings.STRING_LIST;
Expand Down Expand Up @@ -140,4 +142,12 @@ public class SecuritySettings
"E.g. group1=role1;group2=role2;group3=role3,role4,role5" )
public static Setting<String> ldap_authorization_group_to_role_mapping =
setting( "dbms.security.realms.ldap.authorization.group_to_role_mapping", STRING, NO_DEFAULT );

@Description( "The time to live (TTL) for cached authentication and authorization info." )
public static Setting<Long> auth_caching_ttl =
setting( "dbms.security.realms.auth_caching_ttl", DURATION, "10m" );

@Description( "The maximum capacity for authentication and authorization caches (respectively)." )
public static Setting<Long> auth_cache_max_capacity =
setting( "dbms.security.realms.auth_cache_max_capacity", LONG, "10000" );
}

0 comments on commit 07b33c3

Please sign in to comment.