Hi Les, is there any chance you could provide an example of how to construct
and cache an AuthorizationInfo object during authentication? I"d like to
share a piece of my code, perhaps you could help me out.
Page Class,
I get user roles from authenticate as authenticate.getRoles(); I need to
pass them into shiro.
//Remote authentication
RemoteLoginClient client = new RemoteLoginClient();
RemoteSubject authenticate = client.authenticate(username,
password);
//tapestry security authentication
Subject currentUser = SecurityUtils.getSubject();
System.out.println(currentUser);
CustomAuthenticationToken token = new CustomAuthenticationToken
(authenticate.getUsername());
System.out.println("roles" +
currentUser.hasRoles(authenticate.getRoles()));
currentUser.login(token);
This is my realm,
public class CustomRealm extends AuthorizingRealm {
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken
token) throws AuthenticationException {
CustomAuthenticationToken upToken = (CustomAuthenticationToken )
token;
String email = upToken.getUsername();
ApplicationUser applicationUser = (ApplicationUser)
session.createCriteria(ApplicationUser.class)
.add(Restrictions.like("email", email + "%"))
.uniqueResult();
if (applicationUser == null) {
throw new UnknownAccountException("User doesn't exist in EPRS
database");
}
return buildAuthenticationInfo(applicationUser.getId());
}
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection
principals) {
return new SimpleAuthorizationInfo(roleNames);
}
Thanks Les.
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Shiro-and-LDAP-authorization-tp7096956p7520967.html
Sent from the Shiro User mailing list archive at Nabble.com.
