The simple answer is yes.
You can achieve this by roles filter, each realm grants a specific role to
the login user. Here's some key code snippet:
filter config:
filterChainDefinitionMap.put("/businessmen/login", "buauthc");
filterChainDefinitionMap.put("/businessmen/**",
"buauthc,roles[businessmen]");
filterChainDefinitionMap.put("/login", "suauthc");
filterChainDefinitionMap.put("/**", "suauthc,roles[admin]");
realm:
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection
principals) {
Collection realmPrincipals = principals.fromRealm(getName());
if(realmPrincipals.isEmpty()) {
return null;
}
SimpleAuthorizationInfo authorizationInfo = new
SimpleAuthorizationInfo();
authorizationInfo.addRole("foo");
return authorizationInfo;
}
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Multiple-security-managers-and-realms-to-handle-authentication-for-different-sets-of-urls-tp7445068p7581727.html
Sent from the Shiro User mailing list archive at Nabble.com.
