Hello Armando, That sounds really interesting - it sounds like we have the same requirements. Can you give some more detail about your solution? E g what classes do you subclass and what methods do you re-implement? Do you also have some logic for IP range checking (not that trivial I think)?
/Bengt Den ons 21 nov. 2018 kl 08:35 skrev armandoxxx <[email protected]>: > Another solution is to completely ignore ini.file for access tokens and > read > tokens and IPs from another data source (our case database). > > we have the same issue: we must give acces to users if they have token and > are in allowed IP range. > > We did this by implementing custom shiro authenticating filter with > corresponding realm > > StringToken code > > > > Token filter > > > Token realm (please note that this is spring-boot-hibernate implementation > > > Regards > Armando > > > > > -- > Sent from: http://shiro-user.582556.n2.nabble.com/ >
