Dominic Farr wrote > if you have access to the request object you can grab the session object > and then the principal object and inject what you need
Hi Dominic I'm not sure I understand what you're referring to by the request object. Ideally, I would like to use an AuthenticationListener to set the additional principals, so I've looked in SecurityUtils.getSubject().getSession() but I can't see anything related to principals within getSession(). I've also looked into using SecurityUtils.getSubject().getPrincipals() but cannot see anything that would let me set a principal. Would you be able to provide some example code or let me know which methods I need to invoke to set the additional principals please? Kind Regards Paul -- View this message in context: http://shiro-user.582556.n2.nabble.com/Setting-Principals-Outside-of-a-Realm-tp7579653p7579719.html Sent from the Shiro User mailing list archive at Nabble.com.
