shiro源码分析

CachingEnabled单独设置有效
setAuthenticationCachingEnabled或者setAuthorizationCachingEnabled会将CachingEnabled重置为true

    public void setAuthenticationCachingEnabled(boolean authenticationCachingEnabled) {
        this.authenticationCachingEnabled = authenticationCachingEnabled;
        if (authenticationCachingEnabled) {
            this.setCachingEnabled(true);
        }
    }

　　认证流程分析

1.DelegatingSubject调用login
2.DefaultSecurityManager调用login
3.AuthenticatingSecurityManager调用authenticate
4.AbstractAuthenticator调用authenticate
5.ModularRealmAuthenticator调用doAuthenticate这里分为Single和Multi,具体算法可以debug仔细看
6.单Realm情况下调用ModularRealmAuthenticator.doSingleRealmAuthentication
7.AuthenticatingRealm调用getAuthenticationInfo 如果设置里缓存这里会从缓存读数据和储存缓存

    public final AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        AuthenticationInfo info = this.getCachedAuthenticationInfo(token);
        if (info == null) {
            info = this.doGetAuthenticationInfo(token); //读取缓存
            log.debug("Looked up AuthenticationInfo [{}] from doGetAuthenticationInfo", info);
            if (token != null && info != null) {
                this.cacheAuthenticationInfoIfPossible(token, info); //保存缓存
            }
        } else {
            log.debug("Using cached authentication info [{}] to perform credentials matching.", info);
        }

        if (info != null) {
            this.assertCredentialsMatch(token, info);
        } else {
            log.debug("No AuthenticationInfo found for submitted AuthenticationToken [{}].  Returning null.", token);
        }

        return info;
    }

　　

    private AuthenticationInfo getCachedAuthenticationInfo(AuthenticationToken token) {
        AuthenticationInfo info = null;
        Cache<Object, AuthenticationInfo> cache = this.getAvailableAuthenticationCache(); 
        if (cache != null && token != null) {
            log.trace("Attempting to retrieve the AuthenticationInfo from cache.");
            Object key = this.getAuthenticationCacheKey(token);  //key用户名
            info = (AuthenticationInfo)cache.get(key);   //info凭证
            if (info == null) { 
                log.trace("No AuthorizationInfo found in cache for key [{}]", key);
            } else {
                log.trace("Found cached AuthorizationInfo for key [{}]", key);
            }
        }

        return info;
    }

　　

AuthenticatingRealm调用cacheAuthenticationInfoIfPossible设置缓存
    private void cacheAuthenticationInfoIfPossible(AuthenticationToken token, AuthenticationInfo info) {
        if (!this.isAuthenticationCachingEnabled(token, info)) { //判断有没有开启缓存设置
            log.debug("AuthenticationInfo caching is disabled for info [{}].  Submitted token: [{}].", info, token);
        } else {
            Cache<Object, AuthenticationInfo> cache = this.getAvailableAuthenticationCache();
            if (cache != null) {
                Object key = this.getAuthenticationCacheKey(token);
                cache.put(key, info);
                log.trace("Cached AuthenticationInfo for continued authentication.  key=[{}], value=[{}].", key, info);
            }

        }
    }