I'm having trouble understanding how to tie my filter and realm together.
I have a servlet that I can use to login with google's oauth, no problem.
I can create a filter that does a redirect and does the same sort of login
(I get a valid google email address once the user approves it, and I get the
data via the callback in my filter).
However, I can't seem to figure out which method to return the
AuthenticationToken from so that my realm gets populated.
I also have a custom realm that I can use my EJB DAO to find the application
user and setup their permissions. I just can't get the google auth
information from the filter to the realm.
Is there a simple example of doing this, or am I approaching it incorrectly?
I have this method in a filter that extends AccessControlFilter:
@Override
protected boolean onAccessDenied(ServletRequest request, ServletResponse
response) throws Exception {
if(isGoogleResponse(request)){
AuthenticationToken = getMyCustomGoogleAuthToken(request); //
I get my username from google, and can create an authentication token at
this point
// and need to pass it to my realm, but I can't figure out how to do
that
} else {
sendForwardToGoogleOauthLink(request, response);
// This forwards the page and when the user approves we come back
here and the "if" part of this returns true
}
This is clearly psuedo code, but what method do I implement to return the
token and have it passed to my realm?
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Trouble-with-OAuth-filter-realm-integration-tp7581070.html
Sent from the Shiro User mailing list archive at Nabble.com.
