Hello Schlool, in that case you would still be able to write your own Authenticator. Just define as much Realms as you wish and then write your own Authenticator which selects the Realm based on the name.
As a template you could use the ModularRealmAuthenticator[1]. Instead of iterating through the realms and trying to authenticate with each, just check the name first and only authenticate if it matches. To install your custom authenticator, just put this into your ini file: [main] authenticator = com.foo.bar.CustomAuthenticator blahRealm = com.company.blah.Realm blahRealm.name = LDAP fooRealm = com.company.foo.Realm fooRealm.name = CONFIG barRealm = com.company.another.Realm barRealm.name = DATABASE ; the next line is optional securityManager.realms = $fooRealm, $barRealm, $blahRealm We have some examples here: https://shiro.apache.org/authentication.html#Authentication-RealmAuthentication [1]: https://github.com/apache/shiro/blob/9e68eb488644f4a8ee72c4ec736d257a66e5cc5d/core/src/main/java/org/apache/shiro/authc/pam/ModularRealmAuthenticator.java - Ben Am Mi., 21. Apr. 2021 um 22:45 Uhr schrieb Schloool <kont...@max-schlosser.de>: > > Thanks for your answer. > Wouldn't using a custom ini with interpolation mean setting up multiple > "pre-set" ini-files (e.g. for LDAP, Database, ...) so the fitting > ini-configuration gets loaded depending on a user's choice? > > As an example, when the user wants to use LDAP, he would set up an > environment such as AUTH_METHOD=LDAP. My setup would recognize this choice > and would load the shiro-ldap.ini, which may read out env-vars using string > interpolations for the URL and the DN-template, so the correct realm > instance gets loaded using this special ini-file? > > > > -- > Sent from: http://shiro-user.582556.n2.nabble.com/
