Return-Path: 
 <dev-return-3732-apmail-shiro-dev-archive=shiro.apache.org@shiro.apache.org>
Delivered-To: apmail-shiro-dev-archive@www.apache.org
Received: (qmail 65733 invoked from network); 15 Oct 2010 10:05:06 -0000
Received: from unknown (HELO mail.apache.org) (140.211.11.3)
  by 140.211.11.9 with SMTP; 15 Oct 2010 10:05:06 -0000
Received: (qmail 46890 invoked by uid 500); 15 Oct 2010 10:05:06 -0000
Delivered-To: apmail-shiro-dev-archive@shiro.apache.org
Received: (qmail 46806 invoked by uid 500); 15 Oct 2010 10:05:04 -0000
Mailing-List: contact dev-help@shiro.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@shiro.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@shiro.apache.org>
List-Post: <mailto:dev@shiro.apache.org>
List-Id: <dev.shiro.apache.org>
Reply-To: dev@shiro.apache.org
Delivered-To: mailing list dev@shiro.apache.org
Received: (qmail 46798 invoked by uid 99); 15 Oct 2010 10:05:03 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 15 Oct 2010 10:05:03 +0000
X-ASF-Spam-Status: No, hits=-2000.0 required=10.0
	tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.22] (HELO thor.apache.org) (140.211.11.22)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 15 Oct 2010 10:05:00 +0000
Received: from thor (localhost [127.0.0.1])
	by thor.apache.org (8.13.8+Sun/8.13.8) with ESMTP id o9FA4dBi028295
	for <dev@shiro.apache.org>; Fri, 15 Oct 2010 10:04:39 GMT
Message-ID: <29645367.158701287137079094.JavaMail.jira@thor>
Date: Fri, 15 Oct 2010 06:04:39 -0400 (EDT)
From: "Peter Ledbrook (JIRA)" <jira@apache.org>
To: dev@shiro.apache.org
Subject: [jira] Commented: (SHIRO-200) Add ability to configure basic
 authentication for specific HTTP methods
In-Reply-To: <19908179.158481287136593518.JavaMail.jira@thor>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394
X-Virus-Checked: Checked by ClamAV on apache.org


    [ https://issues.apache.org/jira/browse/SHIRO-200?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12921295#action_12921295 ] 

Peter Ledbrook commented on SHIRO-200:
--------------------------------------


I don't have HTTPS svn set up yet, so I attached a patch for review. I
also wanted it reviewed before committing anyway, in case anyone
disagrees with the principle.

Thanks,

Peter


> Add ability to configure basic authentication for specific HTTP methods 
> ------------------------------------------------------------------------
>
>                 Key: SHIRO-200
>                 URL: https://issues.apache.org/jira/browse/SHIRO-200
>             Project: Shiro
>          Issue Type: Improvement
>          Components: Authentication (log-in), Web
>    Affects Versions: 1.0.0
>            Reporter: Peter Ledbrook
>             Fix For: 1.1.0
>
>         Attachments: MethodSpecificBasicAuth.patch
>
>
> Currently, if one configures the basic authentication filter for a URL, it is applied to all HTTP methods. However, I'd like the read-only methods (GET, HEAD) to be completely open and only the update methods requiring authentication. Proposed syntax:
> <pre>
> [urls]
> /basic/** = authcBasic[POST,PUT,DELETE]
> </pre>
> I have attached a patch for review.
> BTW, the test case could do with renaming - it doesn't match the name of the class it's testing.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.