shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jared Bunting" <jared.bunt...@digitalreasoning.com>
Subject Re: [jira] [Created] (SHIRO-287) Enable web-configured SecurityManager to be statically accessible for non-request threads
Date Thu, 21 Apr 2011 02:24:58 GMT
Les,

Will this be disableable via an option on the filter?  I can see where a
webapp with more than one shiro filter / security manager would cause a
problem with this.

-Jared

"Les Hazlewood (JIRA)" <jira@apache.org> wrote:

Enable web-configured SecurityManager to be statically accessible for
non-request threads
--------------------------------------------------------------------------
---------------

                 Key: SHIRO-287
                 URL: https://issues.apache.org/jira/browse/SHIRO-287
             Project: Shiro
          Issue Type: New Feature
            Reporter: Les Hazlewood
            Assignee: Les Hazlewood
             Fix For: 1.2.0


For any work done on threads that are not triggered by a request thread,
the SecurityManager should be accessible to these threads so the
Subject.Builder can be used properly.

This can be accomplished by setting the configured SecurityManager as a
static member variable in SecurityUtils (via
SecurityUtils.setSubjectManager).  While static memory is not ideal, it is
probably good enough for 90% of web applications, and can be a viable
solution.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira


Mime
View raw message