shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Les Hazlewood <lhazlew...@apache.org>
Subject Re: Integrating Shiro, Am i writing too much code?
Date Mon, 21 Feb 2011 20:09:57 GMT
On Mon, Feb 21, 2011 at 5:52 AM, Snehesh <snehesh.mitra@gmail.com> wrote:
>
> Hi
>
> Apologies if the following has already been answered, but i tried my best to
> look for it and finally thought of posting the same.
>
> I have been reading and looking into Shiro for sometime now. The idea was to
> use this for our services layer. This layer is accessed by n number of front
> ends and hence we decided to have security at this layer.
>
> Also as this is a SAAS based multi tenant application, i am not able to use
> any out of the box Realms, AuthenticationInfo, Token etc. The more i try to
> integrate the more i end up overriding. I am not sure if this is the right
> way to do it as by the end of the integration i would have probably
> overridden a huge amount of code.
>
> My question here is that do we have a standard guideline as to what all
> should be extended/overridden if one needs a custom realm.
>
> Also to give an idea on our application:
> - I use Hibernate for database access
> - Authentication is based on username, tenant name/tenant id and password
>
> It looks like a very slight deviation from the out of the box
> functionalities but its forcing me to write everything again.
>
> Any suggestions will be appreciated.
>
> Thanks
> Snehesh
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Integrating-Shiro-Am-i-writing-too-much-code-tp6048755p6048755.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>

Hi Snehesh,

Besides creating a new AuthenticationToken (probably a subclass of
UsernamePasswordToken that also has the tenant id) and a custom Realm
to understand/process that token, what else are you overriding?

-- 
Les Hazlewood
Founder, Katasoft, Inc.
Application Security Products & Professional Apache Shiro Support and Training:
http://www.katasoft.com

Mime
View raw message