You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@shiro.apache.org by scSynergy <ro...@scsynergy.de> on 2016/07/14 07:19:41 UTC

Re: Active directory, map roles and permissions to use with camel-shiro

I do not see any RolePermissionResolver attached to your activeDirectoryRealm
which would look something like this:

rolePermissionResolver =
de.scsynergy.elementary.qi.shiro.ActiveDirectoryRolePermissionResolver
activeDirectoryRealm.rolePermissionResolver = $rolePermissionResolver 

In order for Shiro to attach permissions to a Subject on login it needs to
map the AD group to the corresponding Shiro role and then load that role's
permissions from somewhere (in our case MongoDB) via a
RolePermissionResolver. Here is a hopefully helpful post which explains how
to do it
http://shiro-user.582556.n2.nabble.com/Example-Shiro-Active-Directory-Realm-with-role-gt-permission-mapping-td7579030.html.

We use Shiro, Camel and Active Directory with SPNEGO / Kerberos on Wildfly
application server and will gladly help as best we can.



--
View this message in context: http://shiro-user.582556.n2.nabble.com/Active-directory-map-roles-and-permissions-to-use-with-camel-shiro-tp7562083p7581127.html
Sent from the Shiro User mailing list archive at Nabble.com.