I have multiple Realms configured. For this argument, lets say I have two different LDAP Realms setup. When I attempt login (webapp...) I hit the queryForAuthenticationInfo(...) method of both Realms. Even when using the FirstSuccessfulStrategy... So lets say one of the two Realms passes Authentication for the user and the 2nd one fails to Authenticate.
1.) Even if the 1st one succeeds, I still see the 2nd Realm being attempted... 2.) Then when checking for Authorization, the queryForAuthorizationInfo(...) method gets called for BOT Realms, even though only one succeeded during Authentication. Is there a proper way to control Authorization to only being called on the Realm that passed Authentication? This sounds simple from my point of view, but may sound like nonsense to others. Thanks. -- Sent from: http://shiro-user.582556.n2.nabble.com/
