You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@shiro.apache.org by tkofford <tk...@ku.edu> on 2015/10/02 21:50:35 UTC

Best Way to Add Multiple Fields to Subject?

I'd really like to integrate my user model object with a shiro Subject, so
that I can pass this single object around to do any user operations (create
or update user info in application DB), as well as any role/permissions
checking (shiro operations). My user model object is simple and only
includes (Username, employeeID, FirstName, LastName, email) all Strings.

I've seen comments that this can be done by adding each field as a separate
principle to the Subject using:
public SimpleAuthenticationInfo(PrincipalCollection principals, Object
credentials)

or adding the user model object to the subject using:
public SimpleAuthenticationInfo(Object principal, Object credentials, String
realmName)

I've also seen an article on creating a custom Subject object by providing
implementations of shiro classes: SubjectFactory and DefaultSecurityManager.
Ideally, I'd like to do the following in my code:

Subject shiroUser = SecurityUtils.getSubject();
shiroUser.hasPermission("somepermission");
shiroUser.getEmail();
shiroUser.getFirstName();
shiroUser.getLastName();

Just wanted to know the best/easiest way to achieve this, or if there's a
best practice for this?

Thanks in advance!
Todd



--
View this message in context: http://shiro-user.582556.n2.nabble.com/Best-Way-to-Add-Multiple-Fields-to-Subject-tp7580796.html
Sent from the Shiro User mailing list archive at Nabble.com.

Re: Best Way to Add Multiple Fields to Subject?

Posted by scSynergy <ro...@scsynergy.de>.

I do not know whether anyone would consider it best practice, but we keep
Shiro subjects separate from any additional information. Instead we have a
CDI bean which is initialized on login using the subject principal's name -
which to this end obviously has to be unique - and then look that user up in
the database and populate the additional information inside the CDI bean
where we can lookup the information at any time.

CDI bean login() method:
  AuthenticationToken at = (new UsernamePasswordToken(username, password,
false));
  subject.login(at);
  compendium.init();

CDI bean Compendium.java:
    @PostConstruct
    public void init() {
        if (user == null && subject.getPrincipal() != null) {
            User ref = new User();
            ref.setName(subject.getPrincipal().toString());
            user = qiFacade.get(ref, User.ROOT);
            if (user != null) {
                tenantId = user.getTenantId();
                if (user.getLocale() != null) {
                    locale = user.getLocale();
                }
            }
        }



--
View this message in context: http://shiro-user.582556.n2.nabble.com/Best-Way-to-Add-Multiple-Fields-to-Subject-tp7580796p7580799.html
Sent from the Shiro User mailing list archive at Nabble.com.