I have a use case where a supervisor needs to enter there username/password to continue certain operations. I want the current Subject to remain logged in. My current solution is to use SecurityManager.authenticate(...) and SecurityManager.hasRole(..). Is there a more accepted pattern or part of the api to accomplish this?
-- View this message in context: http://shiro-user.582556.n2.nabble.com/Best-Practice-for-supervisor-permission-tp7577607.html Sent from the Shiro User mailing list archive at Nabble.com.
