Tuomas Kiviaho created SHIRO-400:
------------------------------------
Summary: Allow access to AuthenticationInfo when making decision
of it's cache key
Key: SHIRO-400
URL: https://issues.apache.org/jira/browse/SHIRO-400
Project: Shiro
Issue Type: Improvement
Components: Authentication (log-in)
Affects Versions: 1.2.1
Reporter: Tuomas Kiviaho
Priority: Minor
Currently it is not possible to utilize generated authentication info in it's
key generation when it is written to cache.
I'm unable to override the {{getAuthenticationInfo}} and
{{cacheAuthenticationInfoIfPossible}} due to their private and final nature and
therefore I suggest that there would be a {{protected Object
getAuthenticationCacheKey(AuthenticationToken token, AuthenticationInfo info)}}
variant which would fall back to the original implementation by default thus
being backwards compliant as well. This variant would be used only when writing
to the cache.
My current workaround options are to mutilate the token itself or duplicate the
cache handling at {{assertCredentialsMatch}}.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
