The way I understand Shiro's current Active Directory support (I'm using this
now), the user needs to provide a username and password to authenticate.
Ideally though, users who are already logged into the Active Directory
windows intranet domain (their login to their Windows PC) should simply be
a
Is there a way to use Shiro to integrate with the user's regular Windows
Active Directory domain account?
In other words once they log into their Windows PC, they should get access
to a Shiro/Java web application without entering their credentials a second
time. Preferably it would also be possib
The docs page on the website currently has a "TODO" for SessionManager - is
there any documentation yet on how we listen for events such as session
timeouts?
What I'd like to do is keep track of who is logged on at any given time, so
when a session starts I'll store a record (probably just in n
Yeah, I'm aware of the reasoning for not bothering with providing such
feedback to enhance security, so I totally understand why the feature isn't
there. I only ask about it for a few minor reasons: debugging purposes,
logging/reporting purposes (for high-security requirement apps) and
low-securi
> That should do it!
>
> HTH,
>
> --
> Les Hazlewood
> Founder, Katasoft, Inc.
> Application Security Products & Professional Apache Shiro Support and
> Training:
> http://www.katasoft.com
>
>
> On Wed, Nov 24, 2010 at 8:54
In a small test example I threw together I noticed that when using the
ActiveDirectoryRealm, only AuthenticationException ever seems to get thrown,
regardless of what the issue was. In other words, I believe I recall (when
I was using something other than AD) seeing IncorrectCredentialsException,
n objects, so, since that
source code is within Shiro, how should we set up the Hibernate annotations?
Do we need to subclass some implementation of Session? It doesn't sound
difficult but I'm still unclear on what the "correct" way of doing this
would look like.
Thank
The documentation in this area seems to be missing - where do we start (and
can we?) to have sessions stored in a database rather than an enterprise
cache (like Terracotta, Gigaspaces, etc - we don't have any of these
available). The diagram here seems to indicate that this is possible:
http://s
