Could you explain what is correct? The question is if a principal is an ACTOR or ACTOR’S attribute. Everyone should agree that user != username, shouldn’t he?
-- Best regards, Alex Orlov >Среда, 4 ноября 2020, 15:01 +03:00 от Benjamin Marwell <[email protected]>: > >Correct. > >To complete the picture: > >https://shiro.apache.org/terminology.html > >Also, the PrincipalCollection knows which realms the user is known in. This is >why most methods return such a collection, not a single Principal. > >Most apps only have one realm, but they could have multiple realms. E.g. LDAP >and a config file. > > > >On Wed, 4 Nov 2020, 12:30 Andreas Reichel, < [email protected] > >wrote: >> >> >> >>On Wed, 2020-11-04 at 13:07 +0300, Alex Orlov wrote: >>>So, could anyone explain what is Principal — is it a User or User.getId()? >>> >> >>Good afternoon Alex. >> >>while I am just a Shiro user (but not a developer), my understanding is, that >>a Principal is anything you (or a service) can authenticate or authorize >>against. >>Any entity, you can send to a service and get a response ( "yes" >>authenticated) for, is a principal. >> >>The nature of this principal depends on the service itself. >>If the authentication service expects a Username, then this Username is a >>Principal. But if the service expects a Global Unique Token, then this >>Username would not qualify as a Principal (but the Token would). >> >>Cheers! >>Andreas
