shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jleleu <>
Subject RE: help understanding doGetAuthorizationInfo(PrincipalCollection principals)
Date Tue, 19 Mar 2013 10:18:48 GMT

I'm not sure to clearly follow this discussion. But if it might help, here
are some inputs :
- the authenticated user identity is a collection of principals
(identity/attribute), the first principal must be unique and each principal
is normally associated to the realm which has created it.
- the /doAuthenticationInfo/ method creates the principals (= authenticated
user identity) and the /doGetAuthorizationInfo/ method grants the roles and
the permissions according to this principals given as input
- each realm indicates which kind of token "it works on", through the
/supports/ method.

I had in mind that realm name cannot be ommitted so I don't understand why
you can have principals but no principals realm except if you query the
wrong realm name.

I advice you to read the Javadoc regarding the *Realm* and
*PrincipalCollection* interfaces and the *SimplePrincipalCollection* class
for example.

Best regards,

View this message in context:
Sent from the Shiro User mailing list archive at

View raw message