Wouldn't the access to the data source be using the authentication details of your *application*, rather than those of the *user*?
On 09/06/2011, at 2:05 PM, juminoz <[email protected]> wrote: > How would you go around this problem? > > User case: > 1) Application uses Shiro framework to do authentication by connecting > through a data source using a custom realm. > 2) That data source is also using Shiro framework to do authentication. > > Since you can't access the data source to authenticate, you can't actually > authenticate to use the data source. > > Any creative idea? > > Thanks, > Jack > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Chicken-Egg-Issue-on-Security-tp6456259p6456259.html > Sent from the Shiro User mailing list archive at Nabble.com.
