Cas (for authentication ) + OpenLDAP ( for username, password + roles and permissions ) + Apache Shiro ( for authorization )

As stated, I am developing a springboot application with following tech stack: 1. CAS for SSO 2. LDAP for usrname, password storage

Till here all works fine. Now I need to add apache shiro for authorization. I am not sure about what should be the realm definition as I don't want authentication to be done by Shiro. I am not able to find any decent example with this combination.

Solution

Well.. Shiro gives too many things.. Authentication + authorization + encryption etc.

In my case, ACL can be achieved using CustomVoter in spring security.

Hence, decided not to use Shiro.

CAS id as user_id for sessions table in laravel 11
Ticket validated but no PGT in the ticket validation response (CAS 6.5.9)
Attempt by security transparent method X to access security critical method Y failed
Spring Security 6.2 and CAS authentication : what happened to CasAuthenticationFilter.CAS_STATEFUL_IDENTIFIER?
jdk.event.security sending logs for 3 minutes before starting my spring boot app [Apereo CAS]
What happened "org.apereo.cas.web.security" in 7.0.0-RC9 of org.apereo.cas?
How to retrieve attributes and username sent by the CAS server with Spring Security
Creating SSO (single sign on) CAS on ASP.NET Core 6 MVC app
On apereo cas 6.6 MFA can I check for trusted devices before showing the provider selection screen?
CAS - how print the value present in json service in the webview login page?
Saml assertion response does not include all attributes
Could not resolve org.scaldingspoon.gradle:gradle-waroverlay-plugin:0.9.3
Matrix-synapse doesn't retrieve CAS attributes
Get my own properties in cas client and Liferay
Checking CAS user in internal database with Laravel
Can i use Jasig CAS server for android mobile applications?
CAS service ticket validate failed
How integrating CAS Protocol with Microsoft .NET6 APIs c#
PG::UniqueViolation error with Devise and devise_cas_authenticable
CAS vs Okta Vs Keycloak comparisions as an SSO solution
Can't Define Services in CAS Overlay Template v. 6.4 (Docker)
cannot start cas-overlay-template on windows - missing \etc\cas\thekeystore
IllegalArgumentException deploying CAS 5.3.10 Maven Overlay WAR on Wildfly 14
CAS Spnego - KrbException: Checksum failed
Derived types must either match the security accessibility of the base type or be less accessible in very basic case
Configuration of OpenId Connect token expiration in CAS
Cross browser SSO with CAS
Using CAS with redirect Failed asserting that the Response status code is 200
How to read CAS ticket validation XML using spring security?
Uri not Absolute exception getting while calling Restful Webservice