Vaadin + Apache Shiro and Java Based Login

[ghost]

I develop a Vaadin application with Java based login (to avoid any actual webpages in my application):

final Subject currentUser = SecurityUtils.getSubject();
final AuthenticationToken token = new UsernamePasswordToken(username, password);
currentUser.login(token);

UI.getCurrent().getNavigator().navigateTo(HomeView.NAVIGATION_NAME);

As you can see, I navigate to my home view (for authenticated user only) after a successful login. However, the ShiroSecurityNavigator seems to have already decided which views are allowed and which one are not. Hence the navigator does not allow to navigate to home. My current workaround is to reinitialize the navigator:

currentUser.login(token);

UI.getCurrent().setNavigator(new ShiroSecurityNavigator(UI.getCurrent(), UI.getCurrent()));
UI.getCurrent().getNavigator().setErrorView(new ErrorView());
UI.getCurrent().getNavigator().navigateTo(HomeView.NAVIGATION_NAME);

There should be a better approach in my opinion. The security navigator should recognize changes in the authentication or should at least provide a method to re-read the allowed views.

[wassimz]

Hi,

I am trying to do the same thing but unsuccessfully.
Can you please provide some examples or hints to help me integrating such feature

Thanks