shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nagaraju Kurma <>
Subject Re: Architecture Help
Date Thu, 27 Jun 2013 11:40:51 GMT
how to redirect to previous activity page once the user logged in after
session timeout

On Thu, Jun 20, 2013 at 9:09 PM,

> Hi, Dave.
> I am also new to Shiro, but have a similar problem of needing to have
> various applications authenticate with each other behind a reverse proxy
> (Nginx), in addition to having users log in with passwords.  In our case we
> are giving out API keys to each application for working with each other
> application.  The application name and API key are handled exactly like a
> username and password, but in a separate realm.  This separation is
> essentially to keep the namespaces separate, but also always for special
> handling as needed.  We store the separate realms in separate databases,
> but
> the schema is similar for both.
> In our case, we have a base abstract resource class that the user and the
> app classes inherit from.  The concrete classes just read credentials from
> different fields and pass them along to a common handler.  For example:
> The concrete classes define the PRINCIPAL and CREDENTIAL constants
> differently.  If you need to read from headers instead of JSON fields, you
> would change the method to do that.
> In the abstract class:
> Note here that we have methods isValidPrincipal(principal) in each concrete
> class to check as appropriate whether the username or application name are
> valid.  There is also a lot of custom logging for each class.
> In our test shiro.ini, for the realms configuration:
> Note that I will be changing this in production so the passwords and keys
> are not stored in plaintext in the database, but this gives you the general
> idea of our prototype.
> I hope that gives you an idea for one approach to this problem.  Good luck.
> --
> View this message in context:
> Sent from the Shiro User mailing list archive at




View raw message