Hi, I had a question about Shiro principals.
Should device attributes (e.g. user agent) be considered as part of the security principal...or would they be something else? Just to provide some context to my question the device attributes generally determine what operations can be run on the client, not because the client is "not allowed" to run these operations, but because the client may/may not be able to run specific applications/operations. If device attributes are part of a security principal, would they be considered part of the same principal as the user...or would the user and device be separate principals in a principal collection (I assume user would be the primary principal?)? thanks in advance, Gareth -- View this message in context: http://shiro-user.582556.n2.nabble.com/Principal-And-Device-Attributes-tp7578222.html Sent from the Shiro User mailing list archive at Nabble.com.
