Return-Path: X-Original-To: apmail-shiro-user-archive@www.apache.org Delivered-To: apmail-shiro-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 8023510962 for ; Wed, 18 Dec 2013 12:10:48 +0000 (UTC) Received: (qmail 60959 invoked by uid 500); 18 Dec 2013 12:10:48 -0000 Delivered-To: apmail-shiro-user-archive@shiro.apache.org Received: (qmail 60514 invoked by uid 500); 18 Dec 2013 12:10:43 -0000 Mailing-List: contact user-help@shiro.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@shiro.apache.org Delivered-To: mailing list user@shiro.apache.org Received: (qmail 59996 invoked by uid 99); 18 Dec 2013 12:10:39 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 18 Dec 2013 12:10:39 +0000 X-ASF-Spam-Status: No, hits=2.3 required=5.0 tests=FORGED_YAHOO_RCVD,SPF_PASS,URI_HEX X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy includes SPF record at spf.trusted-forwarder.org) Received: from [216.139.236.26] (HELO sam.nabble.com) (216.139.236.26) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 18 Dec 2013 12:10:32 +0000 Received: from jim.nabble.com ([192.168.236.80]) by sam.nabble.com with esmtp (Exim 4.72) (envelope-from ) id 1VtFx5-00005U-6J for user@shiro.apache.org; Wed, 18 Dec 2013 04:10:11 -0800 Date: Wed, 18 Dec 2013 04:10:11 -0800 (PST) From: mneilly To: user@shiro.apache.org Message-ID: <1387368611152-7579471.post@n2.nabble.com> In-Reply-To: References: <1387026259707-7579464.post@n2.nabble.com> Subject: Re: java client authenticating with remote security manager? MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Thank you for the response Jared. I got distracted by other tasks and wasn't able to get back to this until now. :( I'm using JME3 which has it's own networking API (SpiderMonkey) for sending messages between client and server. I need to ping the JME developers next to make sure I haven't missed something but my impression is that there is no significant support for security. Originally, after looking at the architecture diagram for Shiro (http://shiro.apache.org/assets/images/ShiroArchitecture.png) I had the impression that it could handle the network transport between an application and the security manager as well as between the security manager and a backend database. Ie - I thought I could instance a Subject and a UsernamePasswordToken and then Subject.login(token) would magically communicate over the network to the the server running the security manager. I was trying to figure out how the necessary information got communicated to enable that. Unfortunately, I'm still at the point where I don't know what I don't know. :) For now, I've decided to send the login and password in clear text to a server implementing a Shiro SM and try to get things working on the server side first. Hopefully that'll get me far enough along the learning curve on both ends to have a better idea of what's really necessary in this type of system. -M -- View this message in context: http://shiro-user.582556.n2.nabble.com/java-client-authenticating-with-remote-security-manager-tp7579464p7579471.html Sent from the Shiro User mailing list archive at Nabble.com.