You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@shiro.apache.org by NabbleSometimesSucks <bi...@yahoo.com> on 2013/03/19 17:17:48 UTC

Re: custom token and realm

We are doing the exact same thing.

A single server for security, where users login via username/password.
However, they are not logging in directly through that server website. It
will be mobile devices and other web sites login page that they enter. The
request then is sent to the security server via REST calls. For the other
web sites that would be enough to be logged in. 

But for the mobile devices it would be two fold. One with the REST call to
the security server to login with username/password. Which would then allow
the mobile devices to call a REST api to generate a Token and return it.
Which then can be used when the mobile app connects to our game-server via
sockets. They can do a handshake with the token.

We had to write custom Realm, Cache and Cache manager. The cache manager is
the key to getting the SSO approach.

But I have to say it isn't 100% working yet. The REST login via
username/password is sort of working, but not quite so.

Mark



--
View this message in context: http://shiro-user.582556.n2.nabble.com/custom-token-and-realm-tp7578451p7578462.html
Sent from the Shiro User mailing list archive at Nabble.com.