I'm new with Shiro but I have a request.
I would like to login a user without his information store in a Database.
I explain :
- On the main page, I received information like username and role from a SSO in the HTTP header.
- With this informations, I would like to login the user on my application with Shiro but not store the user on the Database.
Is it possible ?
I try to do it but I have created a new class and exened to AuthorizingRealm and try to write to the method doGetAuthorizationInfo and doGetAuthenticationInfo but if I understand the docs, doGetAuthenticationInfo return juste a SimpleAuthenticationInfo with the username and the password but I don't have a password. And for check in doGetAuthorizationInfo for the roles I dont know how can I acceed to my information. May be I have to write a new UserEntity ? I use JDBC too for permissions and I would like to keep the permissions with JDBC too... You think that's possible ?