[
https://issues.apache.org/jira/browse/SHIRO-540?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Francois Papon updated SHIRO-540:
---------------------------------
Fix Version/s: 2.0.0
(was: 2.0.0-alpha)
> Allow for authentication strategy to stop checking realms after first success
> -----------------------------------------------------------------------------
>
> Key: SHIRO-540
> URL: https://issues.apache.org/jira/browse/SHIRO-540
> Project: Shiro
> Issue Type: Improvement
> Components: Authorization (access control)
> Reporter: Mariano Tewel
> Priority: Minor
> Fix For: 2.0.0
>
>
> The current ModularRealmAuthenticator will continue to check all realms for
> authc. While this is handy in some cases, it is also desirable not continue
> checking realms after the first successful realm (especially when using an
> external auth source like LDAP or a DB)
> I've worked around this in the past by extending an above authenticator to
> return after the first success. As well as put a potential solution on this
> branch:
> https://github.com/bdemers/shiro/commit/b8a631877fee239413b45dbfc118de2759ab9c75
> (however this would need to be updated for 2.0)
> Example workaround pre 2.0:
> https://github.com/sonatype/nexus-oss/blob/master/components/nexus-security/src/main/java/org/sonatype/nexus/security/authc/FirstSuccessfulModularRealmAuthenticator.java
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
