You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Laszlo Hornyak (JIRA)" <ji...@apache.org> on 2017/03/29 21:09:42 UTC

[jira] [Created] (SHIRO-620) authentication and authorization support for spring websocket

Laszlo Hornyak created SHIRO-620:
------------------------------------

             Summary: authentication and authorization support for spring websocket
                 Key: SHIRO-620
                 URL: https://issues.apache.org/jira/browse/SHIRO-620
             Project: Shiro
          Issue Type: New Feature
          Components: Authentication (log-in), Authorization (access control) 
            Reporter: Laszlo Hornyak


Shiro could add some support for spring websockets. 

{code:xml}
	<websocket:handlers>
		<websocket:mapping path="/ws" handler="wsHandler"/>
		<websocket:handshake-interceptors>
			<bean class="org.apache.shiro.somepackage.WebsocketSecurityInterceptor"></bean>
		</websocket:handshake-interceptors>
	</websocket:handlers>

{code}

This security interceptor could do two things by overriding the beforeHandshake method:
 * Decide whether or not the user can open the websocket
 * Set authentication information in the socket attributes





--
This message was sent by Atlassian JIRA
(v6.3.15#6346)