I’m migrating to Spring Boot Vaadin from a PrimeFaces application which uses Shiro for CAC-based security, and I’d like to implement something similar in my prototype Vaadin application. I’ve settled on Shiro after I got lost in the labyrinthian complexity of trying to design a similar process using all those “filter” and “manager” classes in Spring Security.
We have a login class in our PrimeFaces/Shiro application which allows us to.
- Retrieve a specific CAC header from the request object.
- Extract a 10-digit CAC id from the header.
- Authenticate the user using this CAC id, thereby creating the user object.
- Retrieve the username from the authenticated user object to determine the user’s authorized access level.
- Tailor the user’s menu and page options based his/her access level.
Can someone point me to a working code example where at least steps 1 through 3 take place, preferably in one method using Shiro?