CAC-Based Security in Using Shiro

I’m migrating to Spring Boot Vaadin from a PrimeFaces application which uses Shiro for CAC-based security, and I’d like to implement something similar in my prototype Vaadin application. I’ve settled on Shiro after I got lost in the labyrinthian complexity of trying to design a similar process using all those “filter” and “manager” classes in Spring Security.

We have a login class in our PrimeFaces/Shiro application which allows us to.

  1. Retrieve a specific CAC header from the request object.
  2. Extract a 10-digit CAC id from the header.
  3. Authenticate the user using this CAC id, thereby creating the user object.
  4. Retrieve the username from the authenticated user object to determine the user’s authorized access level.
  5. Tailor the user’s menu and page options based his/her access level.

Can someone point me to a working code example where at least steps 1 through 3 take place, preferably in one method using Shiro?