Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-465

Support externalized principal mapping in AuthenticatingRealm and ModularRealmAuthenticator

    XMLWordPrintableJSON

Details

    Description

      The basic idea is to provide a plug-in point that can be used to resolve principals to things like groups or effective principals. The primary use case that is driving this for me is to be able to resolve authenticated principals to a set of groups where that user to group mapping is external to the user repository. In addition other mappings can be done like mapping a real user principal to an effective user principal. This would be useful when a translation is required from an external identity store (e.g. LDAP) to some application specific identities. The existing pattern for things like RolePermissionResolver should be followed for consistency.

      Attachments

        Issue Links

          is depended upon by

          New Feature - A new feature of the product, which has yet to be developed. SHIRO-631 Principal mapping rules similar to Hadoop's auth_to_local

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open
          is related to

          New Feature - A new feature of the product, which has yet to be developed. SHIRO-464 Support role mapping similar to PermissionResolver and RolePermissionResolver

          • Major - Major loss of function.
          • Open

          New Feature - A new feature of the product, which has yet to be developed. SHIRO-631 Principal mapping rules similar to Hadoop's auth_to_local

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open

          Activity

            People

              Unassigned Unassigned
              kminder Kevin Minder
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: