Correct. To complete the picture:
https://shiro.apache.org/terminology.html

Also, the PrincipalCollection knows which realms the user is known in. This is why most methods return such a collection, not a single Principal. Most apps only have one realm, but they could have multiple realms. E.g. LDAP and a config file.

On Wed, 4 Nov 2020, 12:30 Andreas Reichel, <[email protected]> wrote:

> On Wed, 2020-11-04 at 13:07 +0300, Alex Orlov wrote:
> > So, could anyone explain what is Principal — is it a User or User.getId()?
>
> Good afternoon Alex.
>
> while I am just a Shiro user (but not a developer), my understanding is,
> that a Principal is anything you (or a service) can authenticate or
> authorize against.
> Any entity, you can send to a service and get a response ("yes"
> authenticated) for, is a principal.
>
> The nature of this principal depends on the service itself.
> If the authentication service expects a Username, then this Username is a
> Principal. But if the service expects a Global Unique Token, then this
> Username would not qualify as a Principal (but the Token would).
>
> Cheers!
> Andreas
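The multi-realm case from the reply above (LDAP plus a config file), as an added example that is not part of the original thread or of Shiro's own code. It assumes shiro-core is on the classpath; the realm names, username and token are constructed sample values.

```java
import java.util.Collection;
import java.util.UUID;

import org.apache.shiro.subject.SimplePrincipalCollection;

public class PrincipalCollectionDemo {
    // Hypothetical realm names; in an application they come from Realm.getName().
    static final String LDAP_REALM = "ldapRealm";
    static final String FILE_REALM = "iniRealm";

    public static void main(String[] args) {
        SimplePrincipalCollection principals = new SimplePrincipalCollection();

        // The LDAP realm identifies the user by username (constructed value).
        principals.add("alex", LDAP_REALM);

        // The config-file realm identifies the same user by a unique token
        // (constructed value), so principals are not all of one type.
        UUID token = UUID.fromString("123e4567-e89b-12d3-a456-426614174000");
        principals.add(token, FILE_REALM);

        // The primary principal is the first one added; its type depends on
        // which realm supplied it, so do not cast it blindly to String.
        Object primary = principals.getPrimaryPrincipal();
        System.out.println("primary: " + primary + " (" + primary.getClass().getSimpleName() + ")");

        // Each principal stays attributed to the realm that vouched for it.
        for (String realm : principals.getRealmNames()) {
            Collection<?> fromRealm = principals.fromRealm(realm);
            System.out.println(realm + " -> " + fromRealm);
        }

        // Type-based lookup is the safe way to pull out one kind of identity.
        String username = principals.oneByType(String.class);
        UUID found = principals.oneByType(UUID.class);
        System.out.println("username=" + username + ", token=" + found);

        // Before an authorization decision, check which realm asserted the identity.
        boolean knownToLdap = !principals.fromRealm(LDAP_REALM).isEmpty();
        System.out.println("known to LDAP realm: " + knownToLdap);
    }
}
```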
