Hi Natalie, You can do this in a couple of ways:
1. Use Shiro's 'runAs' feature (Subject.runAs*) to 'run as' the Admin user after they give the correct username/password). 2. Just call subject.login again with the admin principals and credentials. Note that with this approach, the subject will 'lose' the previous subject identity. HTH, Les On Tue, Jun 22, 2010 at 5:14 AM, nmetzger <[email protected]> wrote: > > Hi all, > > my scenario is the following: I have a user that logs into my application > with a regular username/password combination. This user has permission to > view the admin pages of the application. Once he clicks on a link to an > admin page, he is prompted for his admin username and password. Upon > authentication he can access all admin pages without ever having to sign in > as an admin again. > > Is there any way to store this information in a Subject? > > Thanks, > Natalie > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/authentication-as-user-and-admin-tp5208454p5208454.html > Sent from the Shiro User mailing list archive at Nabble.com. >
