karaf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bengt Rodehav <be...@rodehav.com>
Subject Apache Shiro in Karaf
Date Fri, 04 Nov 2016 15:42:07 GMT
Hi,

I'm using Apache Shiro in Karaf 4.0.7. Not sure if the problem I have is a
Karaf related problem or just a Pax-Web related problem so I post in both
foras.

Here is an extract of my Shiro ini file:

[urls]
/api/getCurrentUser = anon
/login = authc
/logout = logout
/admin/** = authc

The intention is that the first url (that is associated with "anon") should
be allowed to access without a user being authenticated.

When I deploy my application in Karaf, an HTTP status code 401 is returned
and basic authentication is triggered in the browser. If I enter
user=password=karaf then I get through.

Does anyone have any idea why this happens? Is it so that if the url is not
stopped by Shiro then it continues to a filter that Karaf/Pax-Web has set
up that requires basic authentication?

How can I get around this?

/Bengt

Mime
View raw message