Posted to users@jena.apache.org by "Nouwt, B. (Barry)" <ba...@tno.nl.INVALID> on 2019/10/10 18:25:25 UTC

Jena Permissions best practice

Hi all,

in a project of ours where we combine Jena Permissions with Graph Event Listeners we encountered a nasty problem with the ShiroExampleEvaluator on the Jena website. Here it is suggested to return an object of class Subject (via the SecurityUtils.getSubject() method) as the getPrincipal(). However, this is a complex object and contains session information which can cause problems if an EventManager stores it for later use. So, the recommendation is to not return the entire object, but just its username String. In our case, this solved certain exceptions in Shiro about invalidated sessions.

Regards, Barry
This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. TNO accepts no liability for the content of this e-mail, for the manner in which you use it and for damage of any kind resulting from the risks inherent to the electronic transmission of messages.
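
The recommendation in the message above, as an added example that is not part of the original post or of the Jena documentation: a SecurityEvaluator whose getPrincipal() hands out only an immutable username String, so nothing a listener stores is tied to a Shiro session. The class name UsernameEvaluator and its access policy are hypothetical, and it assumes the Jena 3.x SecurityEvaluator interface and a Shiro realm whose primary principal is the username.

```java
import java.util.Set;
import org.apache.jena.graph.Node;
import org.apache.jena.graph.Triple;
import org.apache.jena.permissions.SecurityEvaluator;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;

// Hypothetical evaluator: principals are plain Strings, never live Shiro Subjects.
public class UsernameEvaluator implements SecurityEvaluator {
    @Override
    public Object getPrincipal() {
        Subject subject = SecurityUtils.getSubject();
        // Anonymous or unauthenticated callers are represented by null.
        if (!subject.isAuthenticated() || subject.getPrincipal() == null) {
            return null;
        }
        // Copy the name out now: the String stays valid after the session is invalidated.
        return String.valueOf(subject.getPrincipal());
    }
    @Override
    public boolean isPrincipalAuthenticated(Object principal) {
        return principal instanceof String;
    }
    // Constructed policy: authenticated users may do anything, anonymous users may only read.
    @Override
    public boolean evaluate(Object principal, Action action, Node graphIRI) {
        return isPrincipalAuthenticated(principal) || action == Action.Read;
    }
    @Override
    public boolean evaluate(Object principal, Action action, Node graphIRI, Triple triple) {
        return evaluate(principal, action, graphIRI);
    }
    @Override
    public boolean evaluate(Object principal, Set<Action> actions, Node graphIRI) {
        return actions.stream().allMatch(a -> evaluate(principal, a, graphIRI));
    }
    @Override
    public boolean evaluate(Object principal, Set<Action> actions, Node graphIRI, Triple triple) {
        return evaluate(principal, actions, graphIRI);
    }
    @Override
    public boolean evaluateAny(Object principal, Set<Action> actions, Node graphIRI) {
        return actions.stream().anyMatch(a -> evaluate(principal, a, graphIRI));
    }
    @Override
    public boolean evaluateAny(Object principal, Set<Action> actions, Node graphIRI, Triple triple) {
        return evaluateAny(principal, actions, graphIRI);
    }
    @Override
    public boolean evaluateUpdate(Object principal, Node graphIRI, Triple from, Triple to) {
        return evaluate(principal, Action.Update, graphIRI);
    }
}
```

Because every evaluate call receives the principal as an argument, the authorization decision depends only on the stored String and never calls back into the Shiro session.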

RE: Jena Permissions best practice

Posted by "Nouwt, B. (Barry)" <ba...@tno.nl.INVALID>.
Sorry, forgot the link to the document that suggests using Shiro's SecurityUtils.getSubject() to implement the SecurityEvaluator.getPrincipal() method: https://jena.apache.org/documentation/permissions/example.html#review-of-shiroexampleevaluator
