hi all,
I'm new to Shiro, and have discovered this thread relating to oauth:
http://www.mail-archive.com/[email protected]/msg00088.html
it hints that there are existing Jira issues related to this but I
couldn't find any.
Has anyone done anything with oauth and Shiro?
I would be very interested.
if not then perhaps someone might point me the the right direction?
I'm not quite sure how such a realm in Shiro might best be
implemented. The problem is that oauth always needs both user and
serviceprovider entities, and each user has a unique token/secret pair
for every service provider. Each (token/secret)+serviceprovider
association also has its own set of permissions.
So with shiro what would be the best way to carry this forward?
perhaps a separate store containing
serviceprovidertoken ->to-> (appuserid,token/secret,roles,
permissiondata) with which to authenticate the user?, after which I
could populate the AuthorizationInfo using the appuserid, and
permissions discovered here.
Has anyone any thoughts on the best way to use an LDAP directory to
store such data?
Thanks
Jason.
