-examples/blob/master/ms-active-directory-custom/src/main/java/com/github/opticyclic/shiro/realm/CustomActiveDirectoryRealm.java#L68-L78
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Anonymous-binding-issue-while-searching-LDAP-roles-tp7581241p7581292.html
Sent from
Ahh, I understand now.
Take a look at this thread:
http://shiro-user.582556.n2.nabble.com/How-to-set-a-custom-principal-object-td1090270.html
You could possibly build and attach an AuthorizationInfo object to
your principal when the user logs in.
There are a couple scenarios that this would proba
I didn’t give any manager account. And I doubt that without manager account it
works that way.
I’ve browsed the source code, doGetAuthenticationInfo and
doGetAuthorizationInfo are two relatively independent processes, they don’t use
the same ldapContext.
在 16/8/22 下午10:15,“Brian Demers” 写入:
That is how it should work if you do not set the system user/password.
Can you confirm that your configuration does not set them ?
On Mon, Aug 22, 2016 at 12:17 AM, vlhf刘海峰 wrote:
> Hi all,
>
> As some AD forbid search operation with anonymous binding,
> org.apache.shiro.realm.activedirectory.Act
Hi all,
As some AD forbid search operation with anonymous binding,
org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm will fail to get
authorization info without a manager account. But, since user has logged in
before, which means user has bound successfully and able to do search over
