+1
On Sat, Aug 22, 2009 at 12:12 AM, Les Hazlewood<[email protected]> wrote: > In a multi-realm authentication (PAM) scenarios, Shiro's default has > always been to employ an AllSuccessful authentication strategy, > meaning every single realm that is configured must process an > AuthenticationToken successfully for the overall login attempt to be > considered successful. > > In the majority of apps I've encountered, this is rarely the desired > strategy. People usually want to try multiple realms, and, if at > least one is successful, then consider the attempt successful. By the > number of questions on the Grails user list related to enabling this > strategy, it seems to confirm my beliefs. > > I'd like to change the default strategy to be AtLeastOneSuccessful > strategy, which would enable this behavior as the default moving > forward. Any objections to me changing this? > > Thanks, > > Les >
