Return-Path: Delivered-To: apmail-shiro-user-archive@www.apache.org Received: (qmail 60120 invoked from network); 21 Feb 2011 13:52:44 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 21 Feb 2011 13:52:44 -0000 Received: (qmail 43597 invoked by uid 500); 21 Feb 2011 13:52:44 -0000 Delivered-To: apmail-shiro-user-archive@shiro.apache.org Received: (qmail 43436 invoked by uid 500); 21 Feb 2011 13:52:41 -0000 Mailing-List: contact user-help@shiro.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@shiro.apache.org Delivered-To: mailing list user@shiro.apache.org Received: (qmail 43422 invoked by uid 99); 21 Feb 2011 13:52:40 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 21 Feb 2011 13:52:40 +0000 X-ASF-Spam-Status: No, hits=2.0 required=5.0 tests=FREEMAIL_FROM,SPF_NEUTRAL,T_TO_NO_BRKTS_FREEMAIL,URI_HEX X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: 216.139.236.26 is neither permitted nor denied by domain of snehesh.mitra@gmail.com) Received: from [216.139.236.26] (HELO sam.nabble.com) (216.139.236.26) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 21 Feb 2011 13:52:34 +0000 Received: from jim.nabble.com ([192.168.236.80]) by sam.nabble.com with esmtp (Exim 4.69) (envelope-from ) id 1PrWBS-0007oN-A8 for user@shiro.apache.org; Mon, 21 Feb 2011 05:52:14 -0800 Date: Mon, 21 Feb 2011 05:52:14 -0800 (PST) From: Snehesh To: user@shiro.apache.org Message-ID: <1298296334188-6048755.post@n2.nabble.com> Subject: Integrating Shiro, Am i writing too much code? MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi Apologies if the following has already been answered, but i tried my best to look for it and finally thought of posting the same. I have been reading and looking into Shiro for sometime now. The idea was to use this for our services layer. This layer is accessed by n number of front ends and hence we decided to have security at this layer. Also as this is a SAAS based multi tenant application, i am not able to use any out of the box Realms, AuthenticationInfo, Token etc. The more i try to integrate the more i end up overriding. I am not sure if this is the right way to do it as by the end of the integration i would have probably overridden a huge amount of code. My question here is that do we have a standard guideline as to what all should be extended/overridden if one needs a custom realm. Also to give an idea on our application: - I use Hibernate for database access - Authentication is based on username, tenant name/tenant id and password It looks like a very slight deviation from the out of the box functionalities but its forcing me to write everything again. Any suggestions will be appreciated. Thanks Snehesh -- View this message in context: http://shiro-user.582556.n2.nabble.com/Integrating-Shiro-Am-i-writing-too-much-code-tp6048755p6048755.html Sent from the Shiro User mailing list archive at Nabble.com.