Hey Mario, The typical use case is a web server (though not limited to this). An RPC app can fit into this category. This example uses Spring remoting: https://github.com/apache/shiro/tree/master/samples/spring-mvc
The getSubject() method will return the subject bound to the current thread. So If your application is not using HTTP, you would just need bind a new subject to your handling thread. Can you give a few more details on your stack, and we might be able to point you in the right direction. -Brian On Thu, Apr 20, 2017 at 4:05 PM, Mario Emmenlauer <[email protected]> wrote: > > Dear All, > > is Shiro good to be used for a server application? From the tutorial > and documentation I found that a general concept is the "current user": > Subject currentUser = SecurityUtils.getSubject(); > > But in my Java server application, I'd like to work with remote users > from a C++ app (via RPC). The remote users send credentials via SSL RPC, > and receive a session token. The server side authentication is not based > on currentUser, but on the username/password. Am I understanding correctly > that this is not the "typical" use case for Shiro? Is Shiro even a good > match for this use case? How to generate a Subject and session token? > > Awesome software, by the way! :-) > > Thanks and all the best, > > Mario > >
