diff --git a/pom.xml b/pom.xml
index 925f996aeb5e9b2d13023dc5452120a0a357ec73..d28ef6f64407e70945512a3289cff0f9a28e78b7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -360,11 +360,6 @@
-
- net.sf.ehcache
- ehcache
- ${ehcache.version}
-
net.sf.oval
@@ -458,6 +453,21 @@
velocity
1.7
+
+ com.hazelcast
+ hazelcast-client
+ 3.1.5
+
+
+ com.hazelcast
+ hazelcast-spring
+ 3.1.5
+
+
+ com.hazelcast
+ hazelcast-cloud
+ 3.1.5
+
diff --git a/src/main/java/org/genesys2/server/cache/HazelcastAclCache.java b/src/main/java/org/genesys2/server/cache/HazelcastAclCache.java
new file mode 100644
index 0000000000000000000000000000000000000000..fb28f4bafa705a30ef0b078a042ce5c86736d31a
--- /dev/null
+++ b/src/main/java/org/genesys2/server/cache/HazelcastAclCache.java
@@ -0,0 +1,127 @@
+package org.genesys2.server.cache;
+
+import java.io.Serializable;
+
+import org.springframework.cache.Cache;
+import org.springframework.security.acls.domain.AclAuthorizationStrategy;
+import org.springframework.security.acls.domain.AclImpl;
+import org.springframework.security.acls.model.AclCache;
+import org.springframework.security.acls.model.MutableAcl;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.PermissionGrantingStrategy;
+import org.springframework.security.util.FieldUtils;
+import org.springframework.util.Assert;
+
+public class HazelcastAclCache implements AclCache {
+ // ~ Instance fields
+ // ================================================================================================
+
+ private PermissionGrantingStrategy permissionGrantingStrategy;
+ private AclAuthorizationStrategy aclAuthorizationStrategy;
+ private Cache cache;
+
+ // ~ Constructors
+ // ===================================================================================================
+
+ public HazelcastAclCache(Cache cache, PermissionGrantingStrategy permissionGrantingStrategy, AclAuthorizationStrategy aclAuthorizationStrategy) {
+ Assert.notNull(cache, "Cache required");
+ Assert.notNull(permissionGrantingStrategy, "PermissionGrantingStrategy required");
+ Assert.notNull(aclAuthorizationStrategy, "AclAuthorizationStrategy required");
+ this.cache = cache;
+ this.permissionGrantingStrategy = permissionGrantingStrategy;
+ this.aclAuthorizationStrategy = aclAuthorizationStrategy;
+ }
+
+ // ~ Methods
+ // ========================================================================================================
+
+ public void evictFromCache(Serializable pk) {
+ Assert.notNull(pk, "Primary key (identifier) required");
+
+ MutableAcl acl = getFromCache(pk);
+
+ if (acl != null) {
+ cache.evict(acl.getId());
+ cache.evict(acl.getObjectIdentity());
+ }
+ }
+
+ public void evictFromCache(ObjectIdentity objectIdentity) {
+ Assert.notNull(objectIdentity, "ObjectIdentity required");
+
+ MutableAcl acl = getFromCache(objectIdentity);
+
+ if (acl != null) {
+ cache.evict(acl.getId());
+ cache.evict(acl.getObjectIdentity());
+ }
+ }
+
+ public MutableAcl getFromCache(ObjectIdentity objectIdentity) {
+ Assert.notNull(objectIdentity, "ObjectIdentity required");
+
+ MutableAcl element = null;
+
+ try {
+ element = (MutableAcl) cache.get(objectIdentity);
+ } catch (Throwable ignored) {
+ }
+
+ if (element == null) {
+ return null;
+ }
+ return initializeTransientFields(element);
+ }
+
+ public MutableAcl getFromCache(Serializable pk) {
+ Assert.notNull(pk, "Primary key (identifier) required");
+
+ MutableAcl element = null;
+
+ try {
+ element = (MutableAcl) cache.get(pk);
+ } catch (Throwable ignored) {
+ }
+
+ if (element == null) {
+ return null;
+ }
+ return initializeTransientFields(element);
+ }
+
+ public void putInCache(MutableAcl acl) {
+ Assert.notNull(acl, "Acl required");
+ Assert.notNull(acl.getObjectIdentity(), "ObjectIdentity required");
+ Assert.notNull(acl.getId(), "ID required");
+
+ if (this.aclAuthorizationStrategy == null) {
+ if (acl instanceof AclImpl) {
+ this.aclAuthorizationStrategy = (AclAuthorizationStrategy) FieldUtils.getProtectedFieldValue("aclAuthorizationStrategy", acl);
+ this.permissionGrantingStrategy = (PermissionGrantingStrategy) FieldUtils.getProtectedFieldValue("permissionGrantingStrategy", acl);
+ }
+ }
+
+ if ((acl.getParentAcl() != null) && (acl.getParentAcl() instanceof MutableAcl)) {
+ putInCache((MutableAcl) acl.getParentAcl());
+ }
+
+ cache.put(acl.getObjectIdentity(), acl);
+ cache.put(acl.getId(), acl);
+ }
+
+ private MutableAcl initializeTransientFields(MutableAcl value) {
+ if (value instanceof AclImpl) {
+ FieldUtils.setProtectedFieldValue("aclAuthorizationStrategy", value, this.aclAuthorizationStrategy);
+ FieldUtils.setProtectedFieldValue("permissionGrantingStrategy", value, this.permissionGrantingStrategy);
+ }
+
+ if (value.getParentAcl() != null) {
+ initializeTransientFields((MutableAcl) value.getParentAcl());
+ }
+ return value;
+ }
+
+ public void clearCache() {
+ cache.clear();
+ }
+}
diff --git a/src/main/java/org/genesys2/server/service/impl/AclServiceImpl.java b/src/main/java/org/genesys2/server/service/impl/AclServiceImpl.java
index fe3913c20366660afe6ec8f016716c916bd21fea..791c956a4a23df5c03854e11c935ff94971b6f71 100644
--- a/src/main/java/org/genesys2/server/service/impl/AclServiceImpl.java
+++ b/src/main/java/org/genesys2/server/service/impl/AclServiceImpl.java
@@ -20,8 +20,6 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import net.sf.ehcache.CacheManager;
-
import org.genesys2.server.aspect.AsAdminAspect;
import org.genesys2.server.model.AclAwareModel;
import org.genesys2.server.model.acl.AclClass;
@@ -39,6 +37,7 @@ import org.genesys2.spring.SecurityContextUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.cache.CacheManager;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.acls.domain.BasePermission;
import org.springframework.security.acls.model.Permission;
@@ -305,6 +304,6 @@ public class AclServiceImpl implements AclService {
aclEntry.setGranting(permissionMap.get((int) aclEntry.getMask()));
}
aclEntryPersistence.save(aclEntries);
- cacheManager.getCache("acl").removeAll();
+ cacheManager.getCache("aclcache").clear();
}
}
diff --git a/src/main/resources/ehcache.xml b/src/main/resources/ehcache.xml
deleted file mode 100644
index 6c74c2a7c4b1274c1f078d65c2fc12051e8ebcdf..0000000000000000000000000000000000000000
--- a/src/main/resources/ehcache.xml
+++ /dev/null
@@ -1,35 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/src/main/resources/spring/spring-cache.xml b/src/main/resources/spring/spring-cache.xml
index 23dce06c1e4ed8bbe141e2151e0f25f5573357af..5c3beda25d1bcef68e8e245a75c58b750ceb6ce8 100644
--- a/src/main/resources/spring/spring-cache.xml
+++ b/src/main/resources/spring/spring-cache.xml
@@ -16,35 +16,76 @@
-->
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+ http://www.springframework.org/schema/cache/spring-cache-3.2.xsd
+ http://www.hazelcast.com/schema/spring
+ http://www.hazelcast.com/schema/spring/hazelcast-spring-3.1.xsd">
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 5
+ 5
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 5
+ 5
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/src/main/resources/spring/spring-db.xml b/src/main/resources/spring/spring-db.xml
index 0fc68fef818c50f0c7b6d4bd4e1bb46161d1914d..5fa9050a3286648ec6917e005cde1d00350cfe41 100644
--- a/src/main/resources/spring/spring-db.xml
+++ b/src/main/resources/spring/spring-db.xml
@@ -52,7 +52,7 @@
${db.dialect}
- false
+
${db.hbm2ddl}
${lucene.indexDir}
false
diff --git a/src/main/resources/spring/spring-security-acl.xml b/src/main/resources/spring/spring-security-acl.xml
index f525b7b871cb3b2cf9555f1b99c386dce1dfb3fe..712cce25fc5d920a9b71260afd63ef6f7174b30a 100644
--- a/src/main/resources/spring/spring-security-acl.xml
+++ b/src/main/resources/spring/spring-security-acl.xml
@@ -33,12 +33,12 @@
-
-
+
+
-
-
-
+
+
+
diff --git a/src/main/resources/spring/spring.properties b/src/main/resources/spring/spring.properties
index 5aa81449d31446f4faf2aa1a3029986a74ddb4b9..62f53ec88d4c3814eec72d03373ae5eadb24cfde 100644
--- a/src/main/resources/spring/spring.properties
+++ b/src/main/resources/spring/spring.properties
@@ -21,7 +21,7 @@ db.driverClassName=com.mysql.jdbc.Driver
db.dialect=org.hibernate.dialect.MySQL5Dialect
db.username=root
db.password=
-db.showSql=true
+db.showSql=false
db.hbm2ddl=do-nothing
c3p0.acquireIncrement=1
@@ -88,3 +88,14 @@ executor.queue.capacity=100
#scheduler properties
scheduler.max.pool.size=16
+
+# Hazelcast
+hazelcast.name=genesys
+hazelcast.password=hazelcasts
+hazelcast.port=5701
+
+# AWS Autodetection
+hazelcast.aws.access-key=
+hazelcast.aws.secret-key=
+hazelcast.aws.region=eu-west-1
+hazelcast.aws.security-group=sg-hazelcast