Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-540

Allow for authentication strategy to stop checking realms after first success

    XMLWordPrintableJSON

    Details

      Description

      The current ModularRealmAuthenticator will continue to check all realms for authc. While this is handy in some cases, it is also desirable not continue checking realms after the first successful realm (especially when using an external auth source like LDAP or a DB)

      I've worked around this in the past by extending an above authenticator to return after the first success. As well as put a potential solution on this branch: https://github.com/bdemers/shiro/commit/b8a631877fee239413b45dbfc118de2759ab9c75 (however this would need to be updated for 2.0)

      Example workaround pre 2.0: https://github.com/sonatype/nexus-oss/blob/master/components/nexus-security/src/main/java/org/sonatype/nexus/security/authc/FirstSuccessfulModularRealmAuthenticator.java

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              mtewel Mariano Tewel
            • Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: