...
- When the user logs in with the password for the
iniRealm
account they will be given the role for that account - here the administrator - but if they log in with the password for thepublicLdapRealm
account they will be given the roles for both theiniRealm
andpublicLdapRealm
accounts - here the administrator and the it_operator accounts. This is because after successfully logging into the LDAP account the roles specified for the user in the ini file will also be assigned. - The
securityManager.realms
parameter.is used to provide Explicit Ordering of the realms. See 'Realm Authentication' on the Shiro Authentication web site for more information. - An error will be noted in the shiro
stderrout
log file under particular circumstances when a user login attempt is unsuccessful. This will not affect the overall login procedure. See issue JOC-437 for more information.
...