shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Les Hazlewood <lhazlew...@apache.org>
Subject Re: Attaching extra information to the subject
Date Tue, 08 Nov 2011 18:38:11 GMT
Yes, Manoj is correct - you can associate more information with the
PrincipalCollection if you wish and query the PrincipalCollection
during runtime - nothing wrong with that approach.  I personally like
to keep only a single user ID in the PrincipalCollection and use that
to look up any additional data as necessary.

Either approach is fine, but if you find that you're storing a lot of
information in the PrincipalCollection, it's better to reduce it to a
single principal and look up additional data as necessary due to the
serialization concerns I mentioned previously.

HTH,

-- 
Les Hazlewood
CTO, Katasoft | http://www.katasoft.com | 888.391.5282
twitter: @lhazlewood | http://twitter.com/lhazlewood
katasoft blog: http://www.katasoft.com/blogs/lhazlewood
personal blog: http://leshazlewood.com

On Tue, Nov 8, 2011 at 10:30 AM, Manoj Khangaonkar
<khangaonkar@gmail.com> wrote:
> Hi Bengt,
>
> Subject can have more than 1 principal.
>
> subject.getPrincipals() returns a principalCollection.
> SimpleAuthenticationInfo takes PrincipalCollection.
>
> You can associate additional user attributes with the subject using
> principalcollection.
>
> Manoj
>
> On Tue, Nov 8, 2011 at 5:39 AM, Bengt Rodehav <bengt@rodehav.com> wrote:
>> I'm using Shiro 1.1 and I've implemented my own realm to be able to delegate
>> authentication to a legacy application.
>> I have extended "AuthorizingRealm" and my "doGetAuthenticationInfo" method
>> returns a "SimpleAuthenticationInfo" containing the user and the password.
>> To check who is logged in I call
>>   Subject currentUser = SecurityUtils.getSubject();
>> From the subject I can found out who is logged in by calling:
>>   currentUser.getPrincipal().toString()
>> This gives me the login name. I'm not sure if this is how I should do it but
>> it seems to work fine. However, I also want to retrieve a clear text name
>> for the currently logged in user. I get this information from our legacy
>> application and I'd like to present it in our web application. How can I do
>> this?
>> I assume that what is returned from my "doGetAuthenticationInfo" method
>> somehow is stored in the subject. I guess that I could then subclass
>> "SimpleAuthenticationInfo" and add my extra information. But how can I
>> retrieve it from the subject?
>> Best regards,
>> /Bengt
>>
>>
>>
>
>
>
> --
> http://khangaonkar.blogspot.com/

Mime
View raw message