shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Les Hazlewood <>
Subject Re: Attaching extra information to the subject
Date Tue, 08 Nov 2011 18:38:11 GMT
Yes, Manoj is correct - you can associate more information with the
PrincipalCollection if you wish and query the PrincipalCollection
during runtime - nothing wrong with that approach.  I personally like
to keep only a single user ID in the PrincipalCollection and use that
to look up any additional data as necessary.

Either approach is fine, but if you find that you're storing a lot of
information in the PrincipalCollection, it's better to reduce it to a
single principal and look up additional data as necessary due to the
serialization concerns I mentioned previously.


Les Hazlewood
CTO, Katasoft | | 888.391.5282
twitter: @lhazlewood |
katasoft blog:
personal blog:

On Tue, Nov 8, 2011 at 10:30 AM, Manoj Khangaonkar
<> wrote:
> Hi Bengt,
> Subject can have more than 1 principal.
> subject.getPrincipals() returns a principalCollection.
> SimpleAuthenticationInfo takes PrincipalCollection.
> You can associate additional user attributes with the subject using
> principalcollection.
> Manoj
> On Tue, Nov 8, 2011 at 5:39 AM, Bengt Rodehav <> wrote:
>> I'm using Shiro 1.1 and I've implemented my own realm to be able to delegate
>> authentication to a legacy application.
>> I have extended "AuthorizingRealm" and my "doGetAuthenticationInfo" method
>> returns a "SimpleAuthenticationInfo" containing the user and the password.
>> To check who is logged in I call
>>   Subject currentUser = SecurityUtils.getSubject();
>> From the subject I can found out who is logged in by calling:
>>   currentUser.getPrincipal().toString()
>> This gives me the login name. I'm not sure if this is how I should do it but
>> it seems to work fine. However, I also want to retrieve a clear text name
>> for the currently logged in user. I get this information from our legacy
>> application and I'd like to present it in our web application. How can I do
>> this?
>> I assume that what is returned from my "doGetAuthenticationInfo" method
>> somehow is stored in the subject. I guess that I could then subclass
>> "SimpleAuthenticationInfo" and add my extra information. But how can I
>> retrieve it from the subject?
>> Best regards,
>> /Bengt
> --

View raw message