You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Brian Demers (JIRA)" <ji...@apache.org> on 2016/06/23 23:19:16 UTC
[jira] [Updated] (SHIRO-160) Flex integration with Shiro
[ https://issues.apache.org/jira/browse/SHIRO-160?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Demers updated SHIRO-160:
-------------------------------
Labels: Flex patch (was: Flex)
> Flex integration with Shiro
> ---------------------------
>
> Key: SHIRO-160
> URL: https://issues.apache.org/jira/browse/SHIRO-160
> Project: Shiro
> Issue Type: New Feature
> Components: Authentication (log-in), Authorization (access control)
> Affects Versions: Incubation
> Reporter: david e. berry
> Labels: Flex, patch
> Attachments: amf package layout.png, blazeds-war-1.0-SNAPSHOT.war, graniteds-war-1.0-SNAPSHOT.war, shiroflex-1.2.0.tgz, shiroflex-war-1.0-SNAPSHOT.war, shiroflex.tgz, shiroflex.tgz
>
>
> Commiters,
> I have created the following classes that I used to integrate Shiro with Flex AMF. I would like to contribute them to the shiro. Please let me know if there is interest and the procedure for doing so. I have included the class names with a brief description of what they do. They are currently outside of the Shiro code base that I checked out, but I could combine them if interested.
> Best Regards,
> Dave
> /* Authentication and Authorization need to let AMF Ping, Login, Logout messages pass through
> without processing. They call FlexMessageHelper to introspect the binary message to see if it is allowed to pass.
> If not, normal Authentication, and Authorization takes place.
> */
> public class FlexAuthenticationFilter extends AuthenticationFilter;
> public class FlexPermissionsAuthorizationFilter extends PermissionsAuthorizationFilter;
> public class FlexRolesAuthorizationFilter extends RolesAuthorizationFilter;
> /*Helper methods for introspecting the contents of the amf message. It is conceivable that a security handler
> might need to introspect the contents of a request. It would be nice if Shiro wrapped the request automatically so that anyone can read the contents without
> causing an end of stream error for a filter down the line.
> Message helper deserializes the AMF message and checks to see if it is a PING, LOGON, or LOGOUT request.
> */
> public class FlexHttpServletRequestWrapper extends HttpServletRequestWrapper;
> public class FlexMessageHelper;
> /* Custom Flex Login command that calls Subject.login returns a Principal back to Flex.
> */
> public class FlexLoginCommand implements LoginCommand;
> public class FlexPrincipal implements Principal;
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)