You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by Filipe Sousa <na...@gmail.com> on 2011/01/18 15:12:38 UTC
Different realms for different URLs
Is it possible to use different realms for different URLs.
Here's what I need:
[urls]
/myapp/** authc <-- jdbc realm
/portal/** authc <-- ldap realm
Thanks
--
Filipe Sousa
Re: Different realms for different URLs
Posted by Les Hazlewood <lh...@apache.org>.
Hi Filipe,
One idea is to create a custom AuthenticationToken class (maybe a
subclass of UsernamePasswordToken?) that additionally contains a
discriminator field of some sort. In your Realm's 'supports' method
implementation, you can check the discriminator property of the custom
AuthenticationToken and only return true if that Realm should process
that token. You would probably also need to create a new
AuthenticationFilter implementation (and call it 'authc', overriding
the old one) that knows how to construct your custom token and set the
discriminator based on the URL.
Another approach is to create a custom Authenticator that knows how to
dispatch the token to the respective realms (e.g. in shiro.ini:
securityManager.authenticator = $myCustomAuthenticator).
HTH,
Les
On Tue, Jan 18, 2011 at 6:12 AM, Filipe Sousa <na...@gmail.com> wrote:
> Is it possible to use different realms for different URLs.
>
> Here's what I need:
>
> [urls]
> /myapp/** authc <-- jdbc realm
> /portal/** authc <-- ldap realm
>
> Thanks
> --
> Filipe Sousa