I've handled this in the past by throwing an AuthenticationException subclass from my realm - something like a ExpiredPasswordException.
Then if the subject.login call catches that exception, it forwards the user to the change password screen. After hitting submit, and the change password process is successful, I'll immediately call subject.login again in that screen's controller to log them in automatically under the new password. That always seemed to work well for me. - Les On Tue, May 4, 2010 at 7:49 AM, Henry Suryawirawan <[email protected]> wrote: > > Hi, > > Is there a way to retrieve the AuthenticationInfo from the current Subject? > > I have a scenario in which when the user logs in, if his password is about > to expire, the system can forward the user to a change password screen > automatically after login. > Currently what I've done is to extend SimpleAccount and add some properties > to indicate the expiring status which is populated in my custom Realm. > > However, in the filter (onLoginSuccess), how can I read this information > since I can only get the Subject object. > > Is there any other way to implement this scenario? > > Thanks. > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Get-AuthenticationInfo-From-Subject-tp5003710p5003710.html > Sent from the Shiro User mailing list archive at Nabble.com. >
