AuthorizingRealm#doGetAuthorizationInfo(PrincipalCollection pc)

classic Classic list List threaded Threaded
3 messages Options
P82
Reply | Threaded
Open this post in threaded view
|

AuthorizingRealm#doGetAuthorizationInfo(PrincipalCollection pc)

P82
Hi all,
 
I am learning Shiro and can’t understand why in
AuthorizingRealm#doGetAuthorizationInfo(PrincipalCollection pc)
we have `PrincipalCollection pc` but not `Principal p`. By other workds,
why collection?
 
Could anyone explain?
 
--
Alex Sviridov
Reply | Threaded
Open this post in threaded view
|

Re: AuthorizingRealm#doGetAuthorizationInfo(PrincipalCollection pc)

Brian Demers
A user (principal) could be part of multiple realms.  Maybe your user authenticates from one realm, and is authorized by a different one. For example, your user/passwords are handled by an LDAP server, but your permissions-to-user mappings are application-specific.  This would result in a collection of principals.


Many applications just use a single realm and single Principal, in which case you can just call `subject.getPrincipal()` and avoid the `PrincipalCollection` altogether.

On Fri, May 15, 2020 at 11:10 AM Alex Sviridov <[hidden email]> wrote:
Hi all,
 
I am learning Shiro and can’t understand why in
AuthorizingRealm#doGetAuthorizationInfo(PrincipalCollection pc)
we have `PrincipalCollection pc` but not `Principal p`. By other workds,
why collection?
 
Could anyone explain?
 
--
Alex Sviridov
P82
Reply | Threaded
Open this post in threaded view
|

Re[2]: AuthorizingRealm#doGetAuthorizationInfo(PrincipalCollection pc)

P82
Thank you very much for your explanation

 
Пятница, 15 мая 2020, 18:51 +03:00 от Brian Demers <[hidden email]>:
 
A user (principal) could be part of multiple realms.  Maybe your user authenticates from one realm, and is authorized by a different one. For example, your user/passwords are handled by an LDAP server, but your permissions-to-user mappings are application-specific.  This would result in a collection of principals.
 
 
Many applications just use a single realm and single Principal, in which case you can just call `subject.getPrincipal()` and avoid the `PrincipalCollection` altogether.
 
On Fri, May 15, 2020 at 11:10 AM Alex Sviridov <ooo_saturn7@...> wrote:
Hi all,
 
I am learning Shiro and can’t understand why in
AuthorizingRealm#doGetAuthorizationInfo(PrincipalCollection pc)
we have `PrincipalCollection pc` but not `Principal p`. By other workds,
why collection?
 
Could anyone explain?
 
--
Alex Sviridov
 
 
--
Alex Sviridov