Hi Bengt, The Subject's identifying information is intended to be as minimal and lightweight as possible - usually the primary principal is just a 'pointer' to the user data, for example a user ID or username. The reason for this is that the Subject's identity (PrincipalCollection) can be serialized at times - for example, when using RememberMe, the identity is serialized as a cookie.
To ensure things remain as efficient as possible, it is best to have a single primary principal (ID or username) that you can use to look up additional information. For example, use it to look up a User object from a UserManager (which probably talks to a UserDAO, which in turn likely uses some caching strategy to ensure lookups remain fast and efficient). HTH! Best regards, -- Les Hazlewood CTO, Katasoft | http://www.katasoft.com | 888.391.5282 twitter: @lhazlewood | http://twitter.com/lhazlewood katasoft blog: http://www.katasoft.com/blogs/lhazlewood personal blog: http://leshazlewood.com On Tue, Nov 8, 2011 at 5:39 AM, Bengt Rodehav <[email protected]> wrote: > I'm using Shiro 1.1 and I've implemented my own realm to be able to delegate > authentication to a legacy application. > I have extended "AuthorizingRealm" and my "doGetAuthenticationInfo" method > returns a "SimpleAuthenticationInfo" containing the user and the password. > To check who is logged in I call > Subject currentUser = SecurityUtils.getSubject(); > From the subject I can found out who is logged in by calling: > currentUser.getPrincipal().toString() > This gives me the login name. I'm not sure if this is how I should do it but > it seems to work fine. However, I also want to retrieve a clear text name > for the currently logged in user. I get this information from our legacy > application and I'd like to present it in our web application. How can I do > this? > I assume that what is returned from my "doGetAuthenticationInfo" method > somehow is stored in the subject. I guess that I could then subclass > "SimpleAuthenticationInfo" and add my extra information. But how can I > retrieve it from the subject? > Best regards, > /Bengt
