Hi, combining Shiro with WASP, I found that the interface
org.apache.wicket.security.hive.authentication.Subject
requires a method
    /**
     * A readonly view of the principals.
     *
     * @return the principals
     */
    public Set<Principal> getPrincipals();
the only usage for that I found is in BasicHive
    subjectPrincipals = subject.getPrincipals();
    for (Principal curPrincipal : principalSet)
    {
        if (subjectPrincipals.contains(curPrincipal) || curPrincipal.implies(subject))
            return true;
    }
My minor problem with that is that it exposes the Principals of the
Subject needlessly to the rest of the world. Which is bad if the rest of
the world decides to cache the principals, and they change in the
meantime, as Shiro would allow.
To improve, the above could be changed to require
public boolean Subject.principalsImply(Principal);
leaving it to the Subject implementation to verify, not exposing actual
Principals. As this would be sufficient for all current needs I can think
of and see, having a getter function for Principal exposes more than we
need to expose. Should caching be required that can surely be the
responsibility of the Subject (or the underlying framework used by the
subject).
As an example the LoginContainer$MultiSubject
already "caches" the principals reading them only in the constructor,
making that incompatible with the Shiro Strategy of dynamically changing
authorizations.
regards,
Thibault
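An added, self-contained illustration of the proposal in this post (not WASP or Shiro code; the Subject and Principal interfaces below are simplified stand-ins, and the in-memory principal store stands in for a realm whose authorizations change after login). It contrasts a Subject that answers principalsImply from the live source with one that copies its principals in the constructor, and rewrites the BasicHive loop against principalsImply so the hive never receives the principal set.

```java
import java.util.HashSet;
import java.util.Set;
import java.util.function.Supplier;

// Simplified stand-ins for the WASP interfaces (assumed, not the project's own).
interface Subject {
    /** Answers the question without handing out the principal set. */
    boolean principalsImply(Principal principal);
}

interface Principal {
    boolean implies(Subject subject);
}

record NamedPrincipal(String name) implements Principal {
    public boolean implies(Subject subject) { return false; } // no principal hierarchy here
}

/** Consults the live source on every call, so later authorization changes are honoured. */
class LiveSubject implements Subject {
    private final Supplier<Set<Principal>> source;
    LiveSubject(Supplier<Set<Principal>> source) { this.source = source; }
    public boolean principalsImply(Principal p) { return source.get().contains(p); }
}

/** Copies the principals once in the constructor, like the caching behaviour criticised above. */
class CachingSubject implements Subject {
    private final Set<Principal> cached;
    CachingSubject(Supplier<Set<Principal>> source) { this.cached = new HashSet<>(source.get()); }
    public boolean principalsImply(Principal p) { return cached.contains(p); }
}

public class HiveCheckExample {
    /** The BasicHive loop from the post, rewritten so the hive never sees the principal set. */
    static boolean hasAnyPrincipal(Subject subject, Set<Principal> principalSet) {
        for (Principal curPrincipal : principalSet) {
            if (subject.principalsImply(curPrincipal) || curPrincipal.implies(subject)) return true;
        }
        return false;
    }

    public static void main(String[] args) {
        Set<Principal> store = new HashSet<>();     // constructed: the realm's current authorizations
        Principal admin = new NamedPrincipal("admin");
        store.add(admin);
        Subject live = new LiveSubject(() -> store);
        Subject cached = new CachingSubject(() -> store);
        store.remove(admin);                        // authorization revoked after the subject was built
        System.out.println("live subject still implies admin:   " + hasAnyPrincipal(live, Set.of(admin)));
        System.out.println("cached subject still implies admin: " + hasAnyPrincipal(cached, Set.of(admin)));
    }
}
```

After the revocation, the live subject denies the check while the cached one still grants it, which is the stale-principals problem the post describes; requires Java 16+ for the record.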