Hi Rômulo, Typically you represent this information by a simple 'pointer' stored in the PrincipalCollection returned from your Realm during authentication. Then you can look up the UserProfile object from LDAP at any time in the future. You can use Shiro's cache mechanism to reduce back-end load if you want, or use a different caching mechanism altogether.
During runtime, you can get use the 'pointer' to look up the meaningful data. For example, during login in your Realm: String ldapDN = //whatever you get after login SimplePrincipalCollection principals = new SimplePrincipalCollection(ldapDN, getName()); return new SimpleAuthenticationInfo(principals, credentials); Then later in the application: String ldapDN = subject.getPrincipals().oneByType(String.class); UserProfile profile = userManager.getUserProfile(ldapDN); your 'userManager' object can use whatever cache mechanism you want to ensure the lookups remain fast. For example, during login, you can put the UserProfile object into the cache. Then during lookup (the 'getUserProfile' call above), it can pull it from the same cache (or look it up from LDAP if the cache has expired it). Typically for performance reasons, you want the Session to remain as fast and efficient as is possible. Also, it should be noted, that when you store simple pointers in the PrincipalCollection, they can be retrieved later via RememberMe services, even if the session has stopped or expired. HTH, -- Les Hazlewood CTO, Katasoft | http://www.katasoft.com | 888.391.5282 twitter: @lhazlewood | http://twitter.com/lhazlewood katasoft blog: http://www.katasoft.com/blogs/lhazlewood personal blog: http://leshazlewood.com On Mon, Oct 3, 2011 at 6:30 PM, [email protected] <[email protected]> wrote: > I was trying the following approach to load user profile: > I tried to override the queryForAuthenticationInfo adding the following > code: > > Subject currentUser = SecurityUtils.getSubject(); > Session session = currentUser.getSession(); > UserProfile userProfile = new UserProfile(); > userProfile = LdapUtil.loadProfile(ctx); > session.setAttribute( "userProfile", userProfile ); > > Basically, I put the profile in the user's session to be retrieved later if > necessary. > > At the first time the login the profile was loaded. But after logout and > login again the profile wasn't loaded, maybe because I'm using the cache, > and the code isn't run in the second execution. > > Anybody know where is the best place to implement this functionality? > > Thanks in advance, > > Rômulo Cordeiro Lana > Systems Analyst - Public Prosecutor of the State of Minas Gerais > IT Superintendent - Information Systems - System Architecture > Tel.: (+55 31) 33308340 - [email protected] > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/How-to-put-user-profile-in-Shiro-session-with-cache-enabled-tp6856044p6856044.html > Sent from the Shiro User mailing list archive at Nabble.com.
