Hi Brian,

I know you are busy. Could you give me some feedback on this?

kind regards
Björn

> On 12. Jan 2018, at 16:44, Björn Raupach <raup...@me.com> wrote:
> 
> Not sure where to talk about the proposed feature. JIRA Ticket? Mailing list 
> or GitHub issue/pull request?
> 
> Anyways here is the link to the implementation: 
> https://github.com/raupachz/shiro/tree/dbcookies 
> The class is called 
> DatabaseRememberMeCookieManager.java
> 
> This is more or less a simple proof of concept, so we have something to talk 
> about. I am also not very familiar with the internals of Shiro and the 
> terminology. So please correct me.
> 
> DatabaseRememberMeCookieManager inherits RememberMeCookieManager. I have 
> overridden the methods: getRememberedPrincipals(SubjectContext) and 
> rememberIdentity(Subject, PrincipalCollection). getRememberedPrincipals 
> retrieves the cookie value. rememberIdentity generates a random, 
> non-guessable nonce instead of the encrypted, serialized PrincipalCollection. Not 
> sure what to call this value, I just went with nonce. This nonce and all the 
> principals of the collection are written to a database with JDBC.
> 
> getRememberedPrincipals reads the nonce from the cookie, if available, and 
> retrieves the matching principals from the database.
> 
> The smoke tests do work :)
> 
> Open issues:
> 
> * Not sure how to get the proper realm name in getRememberedPrincipals. See 
> the placeholder: "whatever" in the constructor of PrincipalCollection
> * A nonce can have multiple principals and every principal can have multiple 
> nonces.
> 
> The m:n relationship with nonces probably needs three tables. A select with 
> joins would make a very long single line in shiro.ini. Would work, but it is 
> not nice. The insert is even more complicated. Maybe it is better to not use 
> shiro.ini in that case and let the user override some abstract method to load 
> and store the principals. For example abstract loadPrincipals in 
> DatabaseRememberMeCookieManager.
> 
> Hoping for a good discussion on this :)
> 
> Sorry if this message came several times. I keep forgetting what email 
> address I use on different mailing lists.
> 
> /Björn
> 
>> On 10. Jan 2018, at 16:56, Rob Young <bobbot...@gmail.com> wrote:
>> 
>> I'd be interested to see this in action, I'd be happy to check out what you 
>> get up to!
>> 
>> On Wed, Jan 10, 2018 at 10:25 AM, Brian Demers <brian.dem...@gmail.com> wrote:
>> Probably an override, you will still need to add the cookie, so you should 
>> be able to override just what you need.
>> 
>> 
>>> 
>>> Keep us posted!
>> 
>> Since we need this feature I can dedicate company time on this matter. Will 
>> work on this in my repo and open a pull request once I have something 
>> figured out. Might need some help troubleshooting. 
>>  
>> Cool!
>> 
>> 
>> 
>> -- 
>> Rob Young
>> robertjohnyo...@gmail.com
>> 
> 
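
The nonce scheme described in the quoted message, as an added example that is not Björn's implementation and not Shiro code: it has no Shiro dependency, an in-memory map stands in for the JDBC tables, and all class and method names are hypothetical. Storing only a SHA-256 hash of the nonce is an assumption of this sketch, not something the message specifies.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;

/** Stand-alone sketch; the map stands in for the JDBC tables (all names hypothetical). */
public class RememberMeTokenStore {
    private static final SecureRandom RNG = new SecureRandom();
    // hash(nonce) -> principals. One nonce carries several principals, and a
    // principal may appear under several nonces (one per remembered browser).
    private final Map<String, Set<String>> principalsByHash = new ConcurrentHashMap<>();

    /** What rememberIdentity would do: persist the mapping, return the cookie value. */
    public String issue(Collection<String> principals) {
        byte[] raw = new byte[32]; // 256 bits from a CSPRNG
        RNG.nextBytes(raw);
        String nonce = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        // Assumption of this sketch: persist only a hash, so a leaked table holds no usable cookies.
        principalsByHash.put(sha256(nonce), Set.copyOf(principals));
        return nonce;
    }

    /** What getRememberedPrincipals would do: an empty set means "not remembered". */
    public Set<String> lookup(String cookieValue) {
        if (cookieValue == null || cookieValue.length() != 43) return Set.of(); // 32 bytes as base64url
        return principalsByHash.getOrDefault(sha256(cookieValue), Set.of());
    }

    /** Server-side revocation, e.g. after a password change: drop every nonce of a principal. */
    public void revokeAll(String principal) {
        principalsByHash.values().removeIf(ps -> ps.contains(principal));
    }

    private static String sha256(String s) {
        try {
            byte[] d = MessageDigest.getInstance("SHA-256").digest(s.getBytes(StandardCharsets.UTF_8));
            return Base64.getEncoder().encodeToString(d);
        } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); }
    }

    public static void main(String[] args) {
        RememberMeTokenStore store = new RememberMeTokenStore();
        String laptop = store.issue(List.of("alice", "alice@example.org")); // constructed principals
        String phone = store.issue(List.of("alice"));
        System.out.println(store.lookup(laptop) + " " + store.lookup(phone));
        store.revokeAll("alice");
        System.out.println(store.lookup(laptop).isEmpty() && store.lookup(phone).isEmpty());
    }
}
```

Because the cookie holds only an opaque random value, a remembered login can be revoked on the server by deleting its row, which the encrypted, serialized PrincipalCollection cookie does not allow.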
