You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Jasper Siepkes (JIRA)" <ji...@apache.org> on 2009/04/05 19:10:13 UTC

[jira] Created: (KI-76) Using SecureRemoteInvocationFactory without a preestablished session

Using SecureRemoteInvocationFactory without a preestablished session
--------------------------------------------------------------------

                 Key: KI-76
                 URL: https://issues.apache.org/jira/browse/KI-76
             Project: Ki
          Issue Type: Improvement
          Components: Authentication (log-in), Integration: Spring, Session Management
    Affects Versions: 0.9
            Reporter: Jasper Siepkes
            Priority: Minor
             Fix For: 1.0


The current implementation of the SecureRemoteInvocationFactory type assumes a use case where there has already been a session established via some other means then RMI. This use case can been seen in the Swing Webstart / Spring example. This example application creates a session via Spring webflow and then passes the session id of the newly created session to the Java Webstart application as a property. 

While this works fine for a Java Webstart environment it creates a problem for other uses cases where there is no preestablished session. For example a use case where you want your users to be able to login via a stand alone Swing application which uses Spring and RMI.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.