Hi Jiggy, Currently Shiro does not have support for the notion of RunAs events. I encourage you to open a Jira issue if you would like to see this as a new feature.
In the meantime, you can side-step this for now is to use your own event listener mechanism. Since you control when subject.runAs is called, you can immediately trigger your own event right after that method is called. Your listeners would then react accordingly. HTH, -- Les Hazlewood Founder, Katasoft, Inc. Application Security Products & Professional Apache Shiro Support and Training: http://www.katasoft.com On Mon, Nov 8, 2010 at 9:54 AM, JMalkan <[email protected]> wrote: > > Hi, > > I am relatively new to Shiro (3 weeks) > I am implementing user impersonation functionality where admin can > visualize > the system as an user from a particular role/permission. > > This is a very nice Shiro feature. It would have been very hard to > implement > this without framework support. > > One of the things we do in our authentication process is to set small piece > of user data (see below code sample) in the session via > AuthenticationListener.onSuccess(). > > Code to read token and retrieve profile from data source. > subject.getSession().setAttribute("USER_PROFILE", profile); > > This Listener does not get invoked when subject.runAs(principals) is > called. > Currently I have AuthenticationListener.onSuccess() logic in 3 places. > > I could think of 3 possible solutions in the Shiro Framework. > > 1. Execute AuthenticationListener methods treating subject.runAs() like an > login attempt. > 2. Add additional methods on the AuthenticationListener to differentiate > between login and runAs attempts. > 3. Have a separate interface like AuthenticationRunAsListener. > > > I would appreciate if someone could guide me in the right direction. > > > Jiggy. > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/How-to-handle-listen-for-subject-runAs-like-AuthenticationListener-tp5717899p5717899.html > Sent from the Shiro User mailing list archive at Nabble.com.
