I do not see any RolePermissionResolver attached to your activeDirectoryRealm which would look something like this:
rolePermissionResolver = de.scsynergy.elementary.qi.shiro.ActiveDirectoryRolePermissionResolver activeDirectoryRealm.rolePermissionResolver = $rolePermissionResolver In order for Shiro to attach permissions to a Subject on login it needs to map the AD group to the corresponding Shiro role and then load that role's permissions from somewhere (in our case MongoDB) via a RolePermissionResolver. Here is a hopefully helpful post which explains how to do it http://shiro-user.582556.n2.nabble.com/Example-Shiro-Active-Directory-Realm-with-role-gt-permission-mapping-td7579030.html. We use Shiro, Camel and Active Directory with SPNEGO / Kerberos on Wildfly application server and will gladly help as best we can. -- View this message in context: http://shiro-user.582556.n2.nabble.com/Active-directory-map-roles-and-permissions-to-use-with-camel-shiro-tp7562083p7581127.html Sent from the Shiro User mailing list archive at Nabble.com.
