Menu
I'm trying to implement a AuthorizingRealm with Grails Shiro plugin. Authentication is done against a Active Directory using the plugin's generated class ShiroLdapRealm. Roles will be maintained inside the application's database.
So how can I integrate the ShiroLdapRealm authentication with my custom authorization? It seems to me that the Grails Shiro plugin uses the RealmWrapper to hide the internals of Shiro from the Grails world, and it only implements a standard Realm class, not AuthorizingRealm.
Any idea? Thank you!
404
I haven't worked with shiro before, but I have successfully used the shiro plugin in several projects...
So, if you already have a working LdapRealm, copy the ShiroLdapRealm.groovy file to a safe backup location and delete it from the project...
next, create a shiro wildcard realm (create-wildcard-realm). This will create a realm with Authentication and Authorizing functionality.
Copy the authenticate() method from your old realm to this one...
Now you can authenticate against LDAP with a valid ShiroUser as result.
You can assign ShiroRoles with corresponding permissions to this user.
You can easily create the needed roles with permissions in the bootstrap and assign them to the user according to ACLs you read from your directory service...
hope that helps
113
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
