shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Ledbrook <pe...@cacoethes.co.uk>
Subject Re: HTTP method-dependent Basic authentication
Date Thu, 14 Oct 2010 17:10:11 GMT
> See org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter

Just to double-check, all I have to do is treat the 'mappedValue'
argument of isAccessAllowed() as the configuration options? In other
words, with

   [urls]
   /plugin/** = authcBasic[POST,PUT,DELETE]

I can add

    public isAccessAllowed(ServletRequest request, ServletResponse
response, Object mappedValue) throws IOException {
        String[] httpMethods = (String[]) mappedValue;
        ...

Correct?

Thanks,

Peter

Mime
View raw message