Reputation: 263
Implementing a AuthorizingRealm with Grails Shiro plugin
I'm trying to implement a AuthorizingRealm with Grails Shiro plugin. Authentication is done against a Active Directory using the plugin's generated class ShiroLdapRealm. Roles will be maintained inside the application's database.
So how can I integrate the ShiroLdapRealm authentication with my custom authorization? It seems to me that the Grails Shiro plugin uses the RealmWrapper to hide the internals of Shiro from the Grails world, and it only implements a standard Realm class, not AuthorizingRealm.
Any idea? Thank you!
Upvotes: 3
Views: 1306
Answers (1)
Reputation: 11062
I haven't worked with shiro before, but I have successfully used the shiro plugin in several projects...
So, if you already have a working LdapRealm, copy the ShiroLdapRealm.groovy file to a safe backup location and delete it from the project...
next, create a shiro wildcard realm (create-wildcard-realm). This will create a realm with Authentication and Authorizing functionality.
Copy the authenticate() method from your old realm to this one...
Now you can authenticate against LDAP with a valid ShiroUser as result.
You can assign ShiroRoles with corresponding permissions to this user.
You can easily create the needed roles with permissions in the bootstrap and assign them to the user according to ACLs you read from your directory service...
hope that helps
Upvotes: 1
Related Questions
- Authentication using Grails Spring Security REST Plugin
- Grails pre-authenticated scenario
- grails spring security post authentication
- Grails Spring Security authentication from a service
- Grails - ShiroSecurity - manually login user
- grails spring security core
- Problem authenticating with shiro in grails app
- Grails Custom Authentication Provider
- Authenticity Token in Grails
- Custom authentication