See here for a working example of changing where the searching for roles is
done
https://github.com/opticyclic/shiro-spring-examples/tree/master/ms-active-directory-custom
Specifically:
During login we bind using the user credentials and get the roles (we have
to copy the code from the parent
Ahh, I understand now.
Take a look at this thread:
http://shiro-user.582556.n2.nabble.com/How-to-set-a-custom-principal-object-td1090270.html
You could possibly build and attach an AuthorizationInfo object to
your principal when the user logs in.
There are a couple scenarios that this would