shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian Demers (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (SHIRO-414) Create generic HttpAuthenticationFilter supporting multiple HTTP authentication schemes
Date Fri, 08 Jul 2016 13:56:11 GMT

     [ https://issues.apache.org/jira/browse/SHIRO-414?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Brian Demers updated SHIRO-414:
-------------------------------
    Fix Version/s:     (was: 1.3.0)
                   2.0.0

A big +1 from me too.  Moving this to 2.0 so we can do a little more refactoring around this
logic.

> Create generic HttpAuthenticationFilter supporting multiple HTTP authentication schemes
> ---------------------------------------------------------------------------------------
>
>                 Key: SHIRO-414
>                 URL: https://issues.apache.org/jira/browse/SHIRO-414
>             Project: Shiro
>          Issue Type: New Feature
>          Components: Authentication (log-in), Web
>            Reporter: Les Hazlewood
>             Fix For: 2.0.0
>
>
> The BasicHttpAuthentication filter assumes HTTP's 'Basic' authentication scheme.  But
HTTP Authentication can support multiple schemes - instead of creating a filter per scheme,
like we assume today, it probably makes sense to have a single filter that can support multiple
schemes.
> This issue is to create a general HttpAuthenticationFilter that allows one or more pluggable
Schemes.  Each Scheme should be able to resolve an authentication token based on the {{Authorization}}
header value.
> Existing authc filters (e.g. BasicHttpAuthenticationFilter) can leverage this new concept
if necessary - they would just be a filter that comes pre-configured with a single scheme.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message