Shiro
  1. Shiro
  2. SHIRO-367

Support for auto population of custom principal records

    Details

    • Type: New Feature New Feature
    • Status: Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: 1.2.0
    • Fix Version/s: None
    • Component/s: Subject
    • Labels:
    • Environment:
      All

      Description

      By default, adding any custom principal objects to the subject is overly difficult, and the implementation of it either reduces the benefit of having Shiro handle authentication, or required duplicate calls to the data store for authentication credentials.

      By default, I think Realms should be extended so that any additional information about the user that is returned from the autentication query (JdbcRealm, Active Directory, etc...) that is not part of the credentials matching process, should be auto-appended to the subject principals collection.

      This would allow developers to add items to the principals for a user simply by controlling what data points came back from the data store call.

      In the case of a JdbcRealm, this would be as simple as adding fields to the return type on the authenticationQuery. They could be mapped to the principal using Strings if we needed simplicity (but more accurate type mappings would be nice), making them immediately accessible without having to implement the custom logic to extend or override doGetAuthenticationInfo. Simply map them as a key value pair using the column name from the query as the key, and then the value.

      Same could be done for all other default realms (ActiveDirectory would be a big one).

        Activity

          People

          • Assignee:
            Unassigned
            Reporter:
            Josh Smith
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:

              Development