shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Demers <brian.dem...@gmail.com>
Subject Re: RESTful support - feedback appreciated
Date Fri, 08 Apr 2011 20:19:30 GMT
Auth cache (SHIRO-73) would be great, I had to bake this into a couple
realms previously:
https://github.com/sonatype/security/blob/master/security-realms/security-url-realm/src/main/java/org/sonatype/security/realms/url/URLRealm.java

Also as you mentioned the stateless session
(https://issues.apache.org/jira/browse/SHIRO-266) would be nice too.
Does anyone else feel it would be useful to detect if the client was a
browser and honor cookies and treat other clients (curl, wget, etc) as
session-less ?




On Tue, Apr 5, 2011 at 12:37 PM, Les Hazlewood <lhazlewood@apache.org> wrote:
>> * Some sort of built-in Permission matching mechanism that understands HTTP
>> methods?
>> --Erik
>
> Also, Erik, have you seen Shiro's existing
> org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter.  This
> defaults to the 'rest' filter in Shiro's default filters.  I think
> this might be the built-in permission matching mechanism you mentioned
> above.
>
> Cheers,
>
> Les
>

Mime
View raw message