shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian Demers (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SHIRO-392) Shiro Extension for JAX-RS
Date Fri, 14 Oct 2016 14:37:20 GMT

    [ https://issues.apache.org/jira/browse/SHIRO-392?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15575529#comment-15575529
] 

Brian Demers commented on SHIRO-392:
------------------------------------

I'm adding a (generic) JAX-RS module based [silb/shiro-jersey|https://github.com/silb/shiro-jersey]
(after chatting with the author)

The one thing it lacks from the original is the subject injection {{@Auth}} annotation, as
this varies based on the implementation (Jeresy, RestEasy, Apach CXF).
*NOTE:* I started going down the path of creating optional dependencies on the three major
JAX-RS implementations, but I think supporting them directly at this point is outside the
scope of the project, and could be a non-issue if the developer is already using dependency
injection.

> Shiro Extension for JAX-RS
> --------------------------
>
>                 Key: SHIRO-392
>                 URL: https://issues.apache.org/jira/browse/SHIRO-392
>             Project: Shiro
>          Issue Type: Improvement
>            Reporter: Jan Stamer
>
> We've added an extension to Shiro which enables Shiro annotations in the JAX-RS implementation
Sun Jersey.
> You can do the following with it:
> @Path("/changelog")
> @RequiresPermissions("repository:read")
> public class ChangelogResourceImpl {
>    @POST
>    @Consumes(MediaType.APPLICATION_JSON)
>    @Path("/addObject")
>    @Override
>    @RequiresPermissions("repository:write")
>    public Response addObject(ObjectJson objectJson) {
>       someService.addObject(object);
>       return Response.ok().build();
>    }
> }
> If the user is not authenticated Http Status Code 401 is returned. If the user has insufficient
privileges Status Code 403 is returned.
> Right now we've only added support for the annoation @RequiresPermissions. The other
Shiro annoations could easily be added in the same fashion. Yet currently that's the only
one we need.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message