shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Peter Ledbrook (JIRA)" <j...@apache.org>
Subject [jira] Created: (SHIRO-200) Add ability to configure basic authentication for specific HTTP methods
Date Fri, 15 Oct 2010 09:56:33 GMT
Add ability to configure basic authentication for specific HTTP methods 
------------------------------------------------------------------------

                 Key: SHIRO-200
                 URL: https://issues.apache.org/jira/browse/SHIRO-200
             Project: Shiro
          Issue Type: Improvement
          Components: Authentication (log-in), Web
    Affects Versions: 1.0.0
            Reporter: Peter Ledbrook
             Fix For: 1.1.0


Currently, if one configures the basic authentication filter for a URL, it is applied to all
HTTP methods. However, I'd like the read-only methods (GET, HEAD) to be completely open and
only the update methods requiring authentication. Proposed syntax:
{code}
[urls]
/basic/** = authcBasic[POST,PUT,DELETE]
{code}
I have attached a patch for review.

BTW, the test case could do with renaming - it doesn't match the name of the class it's testing.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message