[
https://issues.apache.org/jira/browse/SHIRO-798?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17228780#comment-17228780
]
Brian Demers commented on SHIRO-798:
------------------------------------
I’ve been following them, and I asked a similar question there too.
I like to understand the use case at a higher level, the how and when these
APIs need to be accessed from an application.
Maybe there is something else Shiro can do to expose the functionality, and
continue to hide the implementation.
Maybe not, but it’s a good starting point.
> Improvement in Shiro API
> ------------------------
>
> Key: SHIRO-798
> URL: https://issues.apache.org/jira/browse/SHIRO-798
> Project: Shiro
> Issue Type: Improvement
> Affects Versions: 1.7.0
> Reporter: Pavel_K
> Priority: Major
> Fix For: 2.0.0
>
>
> This issue was inspired by [this
> thread|http://shiro-user.582556.n2.nabble.com/How-to-get-all-logged-in-Subjects-td7582249.html]
> in shiro user mailing list:
> I suggest:
>
> 1)To change API to open access to some top level objects, SessionManager,
> SessionDAO etc.
> (return null if some implementation doesn’t have one of them)
> 2) To separate SecurityManager from SessionManager (leave only has relation).
> API must be more flexible. Particularly for Shiro 2.0 that, as I understand,
> must support jpms. The main idea of jpms is to have a clear API and to hide
> implementation.
> If it is necessary to make casting and get implementations to get active
> sessions we can conclude that is necessary to improve API.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
