It is possible, but definitely not recommended - those Session attribute Keys are very implementation-specific, and we could change the names of the keys in the future, or even change the implementation of how we represent authentication state entirely. They're not part of the end-user API. So while you _could_ do it, I highly recommend that you don't do it :)
What is it that you're trying to accomplish? There are other ways to react to sessions and authentication state, such as via SessionListeners and AuthenticationListeners. If we knew your use case, we could help prescribe the appropriate approach for your use case. Regards, Les On Thu, Jun 17, 2010 at 10:28 AM, enabler <[email protected]> wrote: > > .. following up. What attributes of Session = Subject.isAuthenticated? Is is > possible for me to set (enable ) it programmatically? > > *debug shows me WebSubjectFactory.createsubject is doing something similar* > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Unable-to-implement-create-read-update-session-tp5183219p5191902.html > Sent from the Shiro User mailing list archive at Nabble.com. >
