shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nagaraju Kurma <nagaraju.ku...@enhancesys.com>
Subject Re: Architecture Help
Date Thu, 27 Jun 2013 11:40:51 GMT
how to redirect to previous activity page once the user logged in after
session timeout


On Thu, Jun 20, 2013 at 9:09 PM, richard@localmed.com
<richard@localmed.com>wrote:

> Hi, Dave.
>
> I am also new to Shiro, but have a similar problem of needing to have
> various applications authenticate with each other behind a reverse proxy
> (Nginx), in addition to having users log in with passwords.  In our case we
> are giving out API keys to each application for working with each other
> application.  The application name and API key are handled exactly like a
> username and password, but in a separate realm.  This separation is
> essentially to keep the namespaces separate, but also always for special
> handling as needed.  We store the separate realms in separate databases,
> but
> the schema is similar for both.
>
> In our case, we have a base abstract resource class that the user and the
> app classes inherit from.  The concrete classes just read credentials from
> different fields and pass them along to a common handler.  For example:
>
> The concrete classes define the PRINCIPAL and CREDENTIAL constants
> differently.  If you need to read from headers instead of JSON fields, you
> would change the method to do that.
>
> In the abstract class:
>
> Note here that we have methods isValidPrincipal(principal) in each concrete
> class to check as appropriate whether the username or application name are
> valid.  There is also a lot of custom logging for each class.
>
> In our test shiro.ini, for the realms configuration:
>
>
> Note that I will be changing this in production so the passwords and keys
> are not stored in plaintext in the database, but this gives you the general
> idea of our prototype.
>
> I hope that gives you an idea for one approach to this problem.  Good luck.
>
>
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/Architecture-Help-tp7578861p7578863.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>



-- 

Regards,****

Nagaraju.

Mime
View raw message