Is it possible to implement MongoDB as a Shiro realm?

Question

My requirement is to read user and permission information from the database to complete authentication and authorization. Shiro provides JdbcRealm implementation, but there is no MongoDB realm implementation.
Could you please:

1. Is MongoDB implemented as a Shiro realm?

2. If possible, how to write the specific configuration? (Google found a specific implementation code, but the relevant configuration files are missing)

Answer 1

Thank you for the invitation, you just need to implement your own Realm, for example:

public class MyRealm extends AuthorizingRealm {

  // 认证
  @Override
  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

    // TODO 从数据库中获取用户信息, 从Mongo中查出来的
    return null;
  }

  // 授权
  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

    // TODO 从数据库中获取授权信息, 从Mongo中查出来的
    return null;
  }
}

Then add your own Realm设置到RealmSecurityManager, for example:

DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(new MyRealm());

Then just add this SecurityManager设置到ShiroFilter, for example:

ShiroFilterFactoryBean shiroFilterFactory = new ShiroFilterFactoryBean();
shiroFilterFactory.setSecurityManager(securityManager);