Return-Path: X-Original-To: apmail-shiro-user-archive@www.apache.org Delivered-To: apmail-shiro-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 14B2218973 for ; Mon, 9 Nov 2015 09:16:39 +0000 (UTC) Received: (qmail 44308 invoked by uid 500); 9 Nov 2015 09:16:38 -0000 Delivered-To: apmail-shiro-user-archive@shiro.apache.org Received: (qmail 44275 invoked by uid 500); 9 Nov 2015 09:16:38 -0000 Mailing-List: contact user-help@shiro.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@shiro.apache.org Delivered-To: mailing list user@shiro.apache.org Received: (qmail 44265 invoked by uid 99); 9 Nov 2015 09:16:38 -0000 Received: from Unknown (HELO spamd4-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 09 Nov 2015 09:16:38 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id 3408AC0473 for ; Mon, 9 Nov 2015 09:16:38 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 3.88 X-Spam-Level: *** X-Spam-Status: No, score=3.88 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_REPLY=1, HTML_MESSAGE=3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=disabled Authentication-Results: spamd4-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mx1-us-west.apache.org ([10.40.0.8]) by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024) with ESMTP id cM-z8DRcsUBu for ; Mon, 9 Nov 2015 09:16:27 +0000 (UTC) Received: from mail-ig0-f178.google.com (mail-ig0-f178.google.com [209.85.213.178]) by mx1-us-west.apache.org (ASF Mail Server at mx1-us-west.apache.org) with ESMTPS id 34D05215DF for ; Mon, 9 Nov 2015 09:16:27 +0000 (UTC) Received: by igbhv6 with SMTP id hv6so71641164igb.0 for ; Mon, 09 Nov 2015 01:16:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=9/0ruSp1w8hKxb9IXcRUuisn3XKmVz+aptDxgBDJBME=; b=ahrtW17KvLOfL3+ouDyI4HXHz5YkKd7Z8Fa382JtoT/gXiySMdk0Z9yVW3cjy5Q5EG 7laetIdxqXcwTF3x4UTFFUebEg2yrwB3LbiLRuwMWxoMMLBLHZN1dIOpLAdeV7krmJAD RVEOGC+GjL5ss6SPDX4h+7sGjACIx/r79KP1RG6rNv1n7qT/p4m11vJyojNxJFRNIwWn m0JvtoQ7FxCv+IYXIcV57Ky1R9F6oIOdAVkrThjTU4Cj/SLx0ylXmDp3sO48Y/npm+HO Lps59K3GdbryvNE4OjzteZUaKtx1leHG/WeGwCb9z217DBLOO98SXnvBOkseC6PgxDtK Diug== MIME-Version: 1.0 X-Received: by 10.50.66.204 with SMTP id h12mr4444458igt.66.1447060579887; Mon, 09 Nov 2015 01:16:19 -0800 (PST) Received: by 10.50.142.42 with HTTP; Mon, 9 Nov 2015 01:16:19 -0800 (PST) In-Reply-To: References: Date: Mon, 9 Nov 2015 10:16:19 +0100 Message-ID: Subject: Re: Multiple shiro.ini files From: Joffry Ferrater To: user@shiro.apache.org Content-Type: multipart/alternative; boundary=047d7bdc0dbed53ad70524180bc8 --047d7bdc0dbed53ad70524180bc8 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hello, Yes, multiple realms configuration will probably work with AuthenticationStrategy for domains support. I will look into AuthenticationStrategy. Thank you for your response. :) regards, =3DJoffry=3D On Fri, Nov 6, 2015 at 4:35 PM, Brian Demers wrote= : > Multiple LDAP realms configured in a single .ini file might be the easies= t > thing to do, but that would not include your custom logic for > /. You _might_ be able to use a AuthenticationStrategy > for > that. (maybe do something with the realm name and domain?) > > > On Fri, Nov 6, 2015 at 9:58 AM, C=C3=A9dric Servais > wrote: > >> Hi. Why dont you use multiple realms configuration ? >> >> C=C3=A9dric. >> ------------------------------ >> De : Joffry Ferrater >> Envoy=C3=A9 : =E2=80=8E06-=E2=80=8E11-=E2=80=8E15 15:57 >> =C3=80 : user@shiro.apache.org >> Objet : Multiple shiro.ini files >> >> Hello, >> >> Is it possible to use multiple shiro.ini? >> >> We have a project that uses two shiro.ini files. User will login with >> domain in this format \. We determine the shiro i= ni >> file to use by its domain name. >> >> >> Example: >> >> First user, domainOne\user1. The shiro configuration file to use is >> domainOne.ini and this user1 should be authenticated to LDAP realm >> configured in domainOne.ini. >> >> Second user, domainTwo\user2. The shiro configuration file to use is >> domainTwo.ini and this user2 should be authenticated to the LDAP realm >> configured in domainTwo.ini. >> >> The problem we have is that the first user can authenticate but the >> second user will fail because shiro is still using the previous >> configuration. I think the issue is with the caching. >> >> Is there a way to use multiple shiro configuration? >> >> thanks, >> =3DJoffry=3D >> > > --047d7bdc0dbed53ad70524180bc8 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hello,

Yes, multiple realms co= nfiguration will probably work with AuthenticationStrategy for domains supp= ort. I will look into AuthenticationStrategy. Thank you for your response. = :)

regards,
=3DJoffry=3D

On Fri, Nov 6, 2015 at 4:35 PM, Bria= n Demers <brian.demers@gmail.com> wrote:
Multiple LDAP realms configured in a s= ingle .ini file might be the easiest thing to do, but that would not includ= e your custom logic for <domain>/<user>.=C2=A0 You _might_ be a= ble to use a=C2=A0AuthenticationStrategy=C2=A0for that. (maybe do somethin= g with the realm name and domain?)


On Fri, Nov 6, 2015 at 9:58 AM, C=C3=A9dric Servais &l= t;cedric.se= rvais@outlook.com> wrote:
Hi. Why dont y= ou use multiple realms configuration ?

C=C3=A9dric.
Hello,

Is it possible to use multiple shiro.ini?

We have a project that uses two shiro.ini files. User will login with domai= n in this format <domain name>\<username>. We determine the shi= ro ini file to use by its domain name.


Example:

=C2=A0=C2=A0 First user, domainOne\user1.=C2=A0 The shiro configuratio= n file to use is domainOne.ini and this user1 should be authenticated to LD= AP realm configured in domainOne.ini.

=C2=A0=C2=A0 Second user, domainTwo\user2. The shiro configuration fil= e to use is domainTwo.ini and this user2 should be authenticated to the LDA= P realm configured in domainTwo.ini.

The problem we have is that the first user can authenticate but the se= cond user will fail because shiro is still using the previous configuration= . I think the issue is with the caching.

Is there a way to use multiple shiro configuration?

thanks,
=3DJoffry=3D


--047d7bdc0dbed53ad70524180bc8--