No problem. Just to be clear though, two configured realms would have worked just as well. Your 2nd Realm would subclass AuthorizingRealm and it would always return false for the supports(AuthenticationToken) implementation since you never want it to participate in authentication.
Then you would implement the doGetAuthorizationInfo method to pull in roles for that user however you want. The benefit of this approach rather than having 1 realm do both is that it is a little less coupled - you could swap out either realm implementation for another without impacting the other. Authentication and Authorization are orthogonal processes and almost never require dependencies between the two. Regards, Les On Thu, Jan 21, 2010 at 3:09 PM, rchristy <[email protected]> wrote: > > Sorry Les, I am post behind you. So this sounds like I am on the right > track, thanks for the help. > > Rich > -- > View this message in context: > http://n2.nabble.com/Multiple-Realms-tp4434653p4436055.html > Sent from the Shiro User mailing list archive at Nabble.com. >
