So, I've checked in my first crack at a crowd based realm. I have a
few questions.
As you may have noticed, I used enums to direct the behavior of the
realm. It's not sure to me that this will work within the framework
as it now stands.
When you log into Crowd you get a token. This token can be checked on
a regular basis to make sure that it's still valid; one can invalidate
the token session from the Crowd console. It's not clear to me where
I can place this check in JSecurity. I'm thinking that I'll need to
write my own filter that gets the Subject and obtains the credentials
object that I returned during authentication. In this credential is
the token and I can use that to check the validity of it.
Thoughts?
Regards,
Alan
- Atlassian Crowd based realm Alan D. Cabrera
-
