Vidar Vevik created SHIRO-642:
---------------------------------
Summary: FirstRealmAuthenticator
Key: SHIRO-642
URL: https://issues.apache.org/jira/browse/SHIRO-642
Project: Shiro
Issue Type: New Feature
Components: Authentication (log-in)
Reporter: Vidar Vevik
Priority: Minor
I noticed that Shiro was having different functionalities when between one and
many realms in use. I used time to dig into this and it resulted in a
suggestion for a new Shiro class with name FirstRealmAuthenticator.
My suggestion for FirstRealmAuthenticator is that it is equal to
ModularRealmAuthenticator except that when it finds first realm that is used
for token it will handle it in the same way as it was the only realm and skip
all other realms. The benefit of this is speed and similarity.
Here is example code for method doMultiRealmAuthentication:
{{ protected AuthenticationInfo
doMultiRealmAuthentication(Collection<Realm> realms, AuthenticationToken token)
{
AuthenticationStrategy strategy = getAuthenticationStrategy();
AuthenticationInfo aggregate =
strategy.beforeAllAttempts(realms, token);
if (log.isTraceEnabled()) {
log.trace("Iterating through {} realms for PAM
authentication", realms.size());
}
for (Realm realm : realms) {
aggregate = strategy.beforeAttempt(realm, token,
aggregate);
if (realm.supports(token)) {
log.trace("Attempting to authenticate token
[{}] using realm [{}]", token, realm);
AuthenticationInfo info =
realm.getAuthenticationInfo(token);
aggregate = strategy.afterAttempt(realm, token,
info, aggregate, null);
break;
} else {
log.debug("Realm [{}] does not support token
{}. Skipping realm.", realm, token);
}
}
aggregate = strategy.afterAllAttempts(token, aggregate);
return aggregate;
}
}}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
