Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
0.9.0
-
None
Description
The KnoxJwtRealm was added as another form of shiro authentication, and works for the native shiro URL authorization. We need to add special handling to ShiroAuthenticationService.getAssociatedRoles so that we can obtain groups for Knox realm users and use them for notebook authorization.
A better long term approach would probably be to eliminate the need for getAssociatedRoles all together and better natively use the shiro API, but for now this would at least add better Knox support.
