You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by Mike Hummel <mh...@mhus.de> on 2022/01/25 07:52:05 UTC
Provide additional informations like email, name ...
Hello,
I just subscribed to this list. Hopefully I'm right here with my request.
I'm using shiro in my oss and employers eco system to implement security. And I did some around improvements and maybe it will be possible to move some of them in the library itself - or change behaviour if possible.
One of them is the option to provide additional information about the subject. LDAP or other sources are already implemented ans so it is also possible to provide information like email, address, first, last name and more.
Therefore I implemented an interface
https://github.com/mhus-info/mhus-lib/blob/master/lib-core/src/main/java/de/mhus/lib/core/aaa/PrincipalDataRealm.java <https://github.com/mhus-info/mhus-lib/blob/master/lib-core/src/main/java/de/mhus/lib/core/aaa/PrincipalDataRealm.java>
and a container object
https://github.com/mhus-info/mhus-lib/blob/master/lib-core/src/main/java/de/mhus/lib/core/aaa/PrincipalData.java <https://github.com/mhus-info/mhus-lib/blob/master/lib-core/src/main/java/de/mhus/lib/core/aaa/PrincipalData.java>
and tooling (not so important)
https://github.com/mhus-info/mhus-lib/blob/1569bfc3dbae18c2df913fa8ab1ea63c99250ae8/lib-core/src/main/java/de/mhus/lib/core/aaa/Aaa.java#L568 <https://github.com/mhus-info/mhus-lib/blob/1569bfc3dbae18c2df913fa8ab1ea63c99250ae8/lib-core/src/main/java/de/mhus/lib/core/aaa/Aaa.java#L568>
to extend realm behaviour.
I could prepare a pull request if wanted.
Best regards,
Mike
Re: Provide additional informations like email, name ...
Posted by Benjamin Marwell <bm...@gmail.com>.
Hi Mike!
Thanks for your suggestion! I do like the idea, but we need to make it
fit into Shiro's existing API without changing/breaking it. Extending
is okay.
I couldn't find any other LDAP/AD fields you're referencing. Some
(like email) would need to be settable.
I can imagine LDAP and AD realms could get a new setter method like
"setPrincipalDataLoader(PrincipalDataLoader pdl)" which corresponds to
your tooling.
But the realms are hard to access once authc and authz are done.
In general, here's my slight +1, but we need some more comments from
the other maintainers.
Sorry for the late reply!
- Ben
Am Di., 25. Jan. 2022 um 16:57 Uhr schrieb Mike Hummel <mh...@mhus.de>:
>
> Hello,
>
> I just subscribed to this list. Hopefully I'm right here with my request.
>
> I'm using shiro in my oss and employers eco system to implement security. And I did some around improvements and maybe it will be possible to move some of them in the library itself - or change behaviour if possible.
>
> One of them is the option to provide additional information about the subject. LDAP or other sources are already implemented ans so it is also possible to provide information like email, address, first, last name and more.
>
> Therefore I implemented an interface
>
> https://github.com/mhus-info/mhus-lib/blob/master/lib-core/src/main/java/de/mhus/lib/core/aaa/PrincipalDataRealm.java <https://github.com/mhus-info/mhus-lib/blob/master/lib-core/src/main/java/de/mhus/lib/core/aaa/PrincipalDataRealm.java>
>
> and a container object
>
> https://github.com/mhus-info/mhus-lib/blob/master/lib-core/src/main/java/de/mhus/lib/core/aaa/PrincipalData.java <https://github.com/mhus-info/mhus-lib/blob/master/lib-core/src/main/java/de/mhus/lib/core/aaa/PrincipalData.java>
>
> and tooling (not so important)
>
> https://github.com/mhus-info/mhus-lib/blob/1569bfc3dbae18c2df913fa8ab1ea63c99250ae8/lib-core/src/main/java/de/mhus/lib/core/aaa/Aaa.java#L568 <https://github.com/mhus-info/mhus-lib/blob/1569bfc3dbae18c2df913fa8ab1ea63c99250ae8/lib-core/src/main/java/de/mhus/lib/core/aaa/Aaa.java#L568>
>
>
> to extend realm behaviour.
>
>
>
>
> I could prepare a pull request if wanted.
>
>
> Best regards,
>
> Mike