Hi Rich, This is possible, but not documented well and there is no sample application that shows how to do this easily.
I've added a Jira issue to address this: https://issues.apache.org/jira/browse/SHIRO-123 We should be able to do this before releasing 1.0 (hopefully sometime this month). Cheers, Les On Mon, Jan 4, 2010 at 12:44 PM, rchristy <[email protected]> wrote: > > Hello, > > I have downloaded, shiro in an attempt to evaluate it for an upcoming > project. I have been struggling with some concepts I was hoping someone > could clarify for me because I cannot get my simple example working. I have > a simple client (non-web based) that calls a Spring container where all I am > trying to do in one bean is to login using the IniRealm (very simple right > now) and then invoke another bean in the same container that has context of > the subject/session information. I can see the first bean authenticate to > properly, but each time I execute SecurityUtils.getSubject() in any other > bean in the same container, the Subject instance doesn't seem to have any > context from the previous call. I guess I am trying to understand the > following: > > 1) how is subject/session information get passed between the client/server > so user context in terms of permissions/roles is maintained > > 2) are there any shiro classes that help with this. I can see > SecureRemoteInvocationExecutor that appears to be for this purpose, but I > can't find an example that would help me understand how to use this. > > Any help would be greatly appreciated. > > Thanks, > > Rich > -- > View this message in context: > http://n2.nabble.com/Evaluation-Question-tp4251098p4251098.html > Sent from the Shiro User mailing list archive at Nabble.com. >
