ES ESF Manager Results Cache Facility. More...
Defines | |
| #define | SafCACHE_VERIFY_ALLOW 1<<0 |
| #define | SafCACHE_VERIFY_DENY 1<<1 |
| #define | SafCACHE_AUTH_ALLOW 1<<2 |
| #define | SafCACHE_AUTH_DENY 1<<3 |
| #define | SafCACHE_AUTH_UNKNOWN 1<<4 |
| #define | SafCACHE_XAUTH_ALLOW 1<<5 |
| #define | SafCACHE_XAUTH_DENY 1<<6 |
| #define | SafCACHE_XAUTH_UNKNOWN 1<<7 |
| #define | SafCACHE_LOCK() |
| #define | SafCACHE_UNLOCK() |
Functions | |
| mf_uns32 | SafCacheInit (struct SafInit *Init) |
| ESF Cache Initialization. | |
| SafRet | SafCacheTerminate (mf_uns32 What, void *Reserved) |
| ESF Cache Termination. | |
| enum SafCacheResult | SafCacheQuery (struct safpb_parameter_block *Request) |
| Query Cache. | |
| enum SafCacheResult | SafCacheStore (struct safpb_parameter_block *Request) |
| Cache a result. | |
| SafRet | SafCacheUpdate (struct safpb_parameter_block *Request) |
| Remove cache entries after security data is updated. | |
ES ESF Manager Results Cache Facility.
The ESF Manager caches results from ESMs to reduce the number of actual queries to the ESMs, which are typically very slow (orders of magnitude slower than returning cached results, in some cases). This file implements the cache.
| #define SafCACHE_LOCK | ( | ) |
if (!Locked) do { \ static struct SafLockInfo Info = {SafESM_API_LOCK_INFO_VER, SafESM_API_LOCK_LOCAL}; \ SafLockRet LRet = SafLockEnq("#Cache", "Cache", SafESM_LCK_NONE, SafESM_LCK_EXCL, SafESM_LCK_PROC, &Info); \ if (LRet) { Ret = SafCACHE_TIMEOUT; goto done; } \ Locked = 1; \ } while (0)
| #define SafCACHE_UNLOCK | ( | ) |
if (Locked) do { \ static struct SafLockInfo Info = {SafESM_API_LOCK_INFO_VER, SafESM_API_LOCK_LOCAL}; \ SafLockDeq("#Cache", "Cache", &Info); \ Locked = 0; \ } while (0)
| mf_uns32 SafCacheInit | ( | struct SafInit * | Init | ) |
ESF Cache Initialization.
This function is invoked by the ESF Manager Initialization routine to initialize the cache facility.
References SafInit::Config, SafCACHE_FOUND, SafDupStr(), SafINIT_OK, SafINIT_RESRCE, SafLog(), SafMsgERR, SafMsgINFO, SafMsgWARN, SafQueryCfg(), SafR_OK, and SafSTRCMP_CI.
Referenced by safmgr().
| SafRet SafCacheTerminate | ( | mf_uns32 | What, | |
| void * | Reserved | |||
| ) |
ESF Cache Termination.
Terminate caching. After this point no caching will be done unless ESF is re-initialized.
References SafCACHE_SHUTDOWN, SafR_INTERNAL, SafR_OK, SafTERM_ESF, and SafTERM_PROCESS.
Referenced by safterm().
| enum SafCacheResult SafCacheQuery | ( | struct safpb_parameter_block * | Request | ) |
Query Cache.
Check the cache to see if this particular request has already been processed.
References safpb_parameter_block::DISCRETE, safpb_parameter_block::RETCODES, SafCACHE_CANTCACHE, SafCACHE_FOUND, and SafCACHE_NOTFOUND.
Referenced by SafAuth(), SafVerify(), and SafXauth().
| enum SafCacheResult SafCacheStore | ( | struct safpb_parameter_block * | Request | ) |
Cache a result.
Cache an ESF request and its result. Assumes the caller has already decided that this result should be cached, but in some cases we may reject the request anyway.
TODO: We may need an ESF configuration option that disables passtokens because I bet CAS and MFDS routinely request tickets, which will prevent caching any Verify operations. Customers who don't use passtokens, or would prefer to have Verify caching over passtokens, will want to disable that.
References safpb_parameter_block::DISCRETE, safpb_parameter_block::REQUESTS, safpb_parameter_block::RETCODES, saf78_SAF_RC_NOT_COMPLETE, saf78_SAF_RC_SUCCESS, saf78_TYPE_ATTR_STATUS_ACC, saf78_TYPE_ENVIR_CREATE, saf78_TYPE_USER_CHECK, SafCACHE_AUTH, SafCACHE_BADCALL, SafCACHE_CANTCACHE, SafCACHE_FOUND, SafCACHE_NOTCACHED, SafCACHE_NOTFOUND, SafCACHE_VERIFY, SafCACHE_XAUTH, safpb_parameter_block::safpb_type, safpb_verify::safpb_verify_NEWPWRD_len, safpb_verify::safpb_verify_TOKEN_ptr, and safpb_parameter_block::VERIFY.
Referenced by SafAuth(), SafVerify(), and SafXauth().
| SafRet SafCacheUpdate | ( | struct safpb_parameter_block * | Request | ) |
Remove cache entries after security data is updated.
Remove some or all cache entries in response to an administrative update request. The Request parameter may point to an ESF request, in which case matching entries should be removed; or it may be null, which flushes the entire cache.
References SafCACHE_NOTFOUND, and SafR_OK.
Referenced by SafUpdate().