Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id BB340200D73 for ; Tue, 26 Dec 2017 23:33:11 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id B98B5160C0B; Tue, 26 Dec 2017 22:33:11 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 123D1160C13 for ; Tue, 26 Dec 2017 23:33:10 +0100 (CET) Received: (qmail 90390 invoked by uid 500); 26 Dec 2017 22:33:10 -0000 Mailing-List: contact dev-help@shiro.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@shiro.apache.org Delivered-To: mailing list dev@shiro.apache.org Received: (qmail 90376 invoked by uid 99); 26 Dec 2017 22:33:10 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 26 Dec 2017 22:33:10 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id B95DB1A072D for ; Tue, 26 Dec 2017 22:33:09 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -100.002 X-Spam-Level: X-Spam-Status: No, score=-100.002 tagged_above=-999 required=6.31 tests=[RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id qLBq1Vq3fYqU for ; Tue, 26 Dec 2017 22:33:07 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTP id 100245F470 for ; Tue, 26 Dec 2017 22:33:07 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 9AFB8E0732 for ; Tue, 26 Dec 2017 22:33:04 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 1F0C7240DA for ; Tue, 26 Dec 2017 22:33:01 +0000 (UTC) Date: Tue, 26 Dec 2017 22:33:00 +0000 (UTC) From: "Vidar Vevik (JIRA)" To: dev@shiro.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Created] (SHIRO-642) FirstRealmAuthenticator MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Tue, 26 Dec 2017 22:33:11 -0000 Vidar Vevik created SHIRO-642: --------------------------------- Summary: FirstRealmAuthenticator Key: SHIRO-642 URL: https://issues.apache.org/jira/browse/SHIRO-642 Project: Shiro Issue Type: New Feature Components: Authentication (log-in) Reporter: Vidar Vevik Priority: Minor I noticed that Shiro was having different functionalities when between one and many realms in use. I used time to dig into this and it resulted in a suggestion for a new Shiro class with name FirstRealmAuthenticator. My suggestion for FirstRealmAuthenticator is that it is equal to ModularRealmAuthenticator except that when it finds first realm that is used for token it will handle it in the same way as it was the only realm and skip all other realms. The benefit of this is speed and similarity. Here is example code for method doMultiRealmAuthentication: {{ protected AuthenticationInfo doMultiRealmAuthentication(Collection realms, AuthenticationToken token) { AuthenticationStrategy strategy = getAuthenticationStrategy(); AuthenticationInfo aggregate = strategy.beforeAllAttempts(realms, token); if (log.isTraceEnabled()) { log.trace("Iterating through {} realms for PAM authentication", realms.size()); } for (Realm realm : realms) { aggregate = strategy.beforeAttempt(realm, token, aggregate); if (realm.supports(token)) { log.trace("Attempting to authenticate token [{}] using realm [{}]", token, realm); AuthenticationInfo info = realm.getAuthenticationInfo(token); aggregate = strategy.afterAttempt(realm, token, info, aggregate, null); break; } else { log.debug("Realm [{}] does not support token {}. Skipping realm.", realm, token); } } aggregate = strategy.afterAllAttempts(token, aggregate); return aggregate; } }} -- This message was sent by Atlassian JIRA (v6.4.14#64029)