I have a distributed environment (multiple java vms) where the subject is authenticated on one node and should be able to access resources on another node (another VM).
From discussion in https://issues.apache.org/jira/browse/SHIRO-323,
I am passing in all the authenticated Subject information to the other VMs via Redis (Principals , Authenticated State etc ..) and am trying to recreate the Subject using new Subject.Builder().buildSubject() way.
My question, Is there a way to mark this subject as authenticated based on the authentication flag received from the first node ?
Thanks.
You can use the same technique as I described on your other question:
Shiro in distributed environment - auto authenticating/white listing internal calls
Have special token for "system" users and call login instead of building a subject.