I've been meaning to get to this, as it has caused some issues for me in the past as well.
We had came up with this to work around it. https://github.com/sonatype/security/blob/nexus-2.5.x/security-system/src/main/java/org/sonatype/security/authentication/FirstSuccessfulModularRealmAuthenticator.java I have other thoughts on the required shiro changes on the dev list somewhere On Fri, May 23, 2014 at 9:30 AM, Matt Mitchell <[email protected]> wrote: > Hi, > > I have a set of realms registered with the default security manager. I'm > setting the realm name on the subject (via the builder/principals) and have > registered the FirstSuccessfulStrategy for the SM authenticator. When I > login with a user for realm A, the realm correctly returns account info > from its getAuthenticationInfo method. The problem is that Shiro continues > to call getAuthenticationInfo on the other realms. Shouldn't the > FirstSuccessfulStrategy authenticator prevent this from happening? > > Also, If I know the realm for a user before login, is there a way to login > using an explicit realm on a mutli-user/threaded system? Calling setRealm > on the SM feels wrong for some reason. > > Thanks, > Matt >
