The other option that occurred to me is to make the the company ids "principals". A subject is a collection of principals, one of which is your user name. Another could be the company id.
I have setup a system that also represented user groups as principals. This allows doGetAuthorizationInfo to look at both the user name and the groups to determine permissions. (In this case, groups and roles were two distinctly separate concepts). However, if all you want is to use it for permissions check, I agree with Phil, just create permissions based on it in doGetAuthorizationInfo. On 07/07/2011 03:02 PM, Phil Steitz wrote: > On 7/7/11 10:40 AM, dreamage wrote: >> Hi, >> >> I've implemented by own realm to deal with our security model (a database >> realm).The problem I'm having right now is that in our database, each user >> is associated with a company id (1,2,3...). I would like to access this >> information from the Subject object in the code to be able to use it with my >> permissions check. I saw that there is a Builder concept for the Subject, >> but it doesn't seem to be what I should use in a normal usage (web >> application). >> >> Is there anything I can add to my realm to be able to push additional >> information (like the company id) to the Subject ? > Have you thought about just adding / encoding the necessary > information in the Permissions that you set up for the user in your > realm's doGetAuthorizationInfo implementation? > > Phil >> Thanks >> >> -- >> View this message in context: >> http://shiro-user.582556.n2.nabble.com/Subject-custom-data-from-database-tp6559272p6559272.html >> Sent from the Shiro User mailing list archive at Nabble.com. >>
