You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by nhhockeyplayer nashua <nh...@hotmail.com> on 2013/03/16 19:31:36 UTC
can anyone explain this "/index.html = anon"
I have read thru the abstract docs. I see there is a lack of meaty specific modelings of real world multi-dimensional examples...
Can anyone explain what this does ?
I am aware of the following filters
/**
* SHIRO FACTORY DEFAULT FILTERS
*
* anon - anonymous filter
* authc - forms authentication filter
* basic = basic http authentication filter
* notfound - not found filter
* perms - permissions authorization filter
* port - port filter
* roles - roles authorization filter
* user - user filter
*/
But I still dont understand what the implications of the statement below means ?
Can anyone offer me a tip?
SHIRO.INI version
/index.html = anon
JAVA LANGUAGE version
configuration.add("index-anon", new FilterChainDefinition("/index.html", "anon"));
Re: can anyone explain this "/index.html = anon"
Posted by Les Hazlewood <lh...@apache.org>.
/index.html = anon
means anyone can access that URL. 'anon' is a filter that says 'I don't
really have any security constraints for this URL, so I'll let anyone (even
anonymous) users through'.
HTH,
--
Les Hazlewood | @lhazlewood
CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
On Sat, Mar 16, 2013 at 11:31 AM, nhhockeyplayer nashua <
nhhockeyplayer@hotmail.com> wrote:
> I have read thru the abstract docs. I see there is a lack of meaty
> specific modelings of real world multi-dimensional examples...
>
> Can anyone explain what this does ?
>
> I am aware of the following filters
>
> /**
> * SHIRO FACTORY DEFAULT FILTERS
> *
> * anon - anonymous filter
> * authc - forms authentication filter
> * basic = basic http authentication filter
> * notfound - not found filter
> * perms - permissions authorization filter
> * port - port filter
> * roles - roles authorization filter
> * user - user filter
> */
>
> But I still dont understand what the implications of the statement below
> means ?
> Can anyone offer me a tip?
>
> SHIRO.INI version
> /index.html = anon
>
> JAVA LANGUAGE version
> configuration.add("index-anon", new FilterChainDefinition("/index.html",
> "anon"));
>
can anyone explain this "/user/signup = anon"
Posted by nhhockeyplayer nashua <nh...@hotmail.com>.
I have read thru the abstract docs. I see there is a lack of meaty specific modelings of real world multi-dimensional examples...
Can anyone explain what this does ?
I am aware of the following filters
/**
* SHIRO FACTORY DEFAULT FILTERS
*
* anon - anonymous filter
* authc - forms authentication filter
* basic = basic http authentication filter
* notfound - not found filter
* perms - permissions authorization filter
* port - port filter
* roles - roles authorization filter
* user - user filter
*/
But I still dont understand what the implications of the statement below means ?
Can anyone offer me a tip?
SHIRO.INI version
/user/signup = anon
JAVA LANGUAGE version
configuration.add("signup-anon", new FilterChainDefinition("/user/signup", "anon"));
Re: can anyone explain this "/user/** = authc"
Posted by Les Hazlewood <lh...@apache.org>.
/user/** = authc
means:
Any user accessing the /user url or or any path underneath it must be
authenticated (authc = AUTHentiCated for short). If they're not
authenticated, the would likely be redirected to the default login page.
--
Les Hazlewood | @lhazlewood
CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
On Sat, Mar 16, 2013 at 11:33 AM, nhhockeyplayer nashua <
nhhockeyplayer@hotmail.com> wrote:
>
>
> I have read thru the abstract docs. I see there is a lack of meaty
> specific modelings of real world multi-dimensional examples...
>
> Can anyone explain what this does ?
>
> I am aware of the following filters
>
> /**
> * SHIRO FACTORY DEFAULT FILTERS
> *
> * anon - anonymous filter
> * authc - forms authentication filter
> * basic = basic http authentication filter
> * notfound - not found filter
> * perms - permissions authorization filter
> * port - port filter
> * roles - roles authorization filter
> * user - user filter
> */
>
> But I still dont understand what the implications of the statement below
> means ?
> Can anyone offer me a tip?
>
> SHIRO.INI version
> /user/** = authc
>
> JAVA LANGUAGE version
> configuration.add("user-user", new FilterChainDefinition("/user/**",
> "authc"));
>
can anyone explain this "/user/** = authc"
Posted by nhhockeyplayer nashua <nh...@hotmail.com>.
I have read thru the abstract docs. I see there is a lack of meaty specific modelings of real world multi-dimensional examples...
Can anyone explain what this does ?
I am aware of the following filters
/**
* SHIRO FACTORY DEFAULT FILTERS
*
* anon - anonymous filter
* authc - forms authentication filter
* basic = basic http authentication filter
* notfound - not found filter
* perms - permissions authorization filter
* port - port filter
* roles - roles authorization filter
* user - user filter
*/
But I still dont understand what the implications of the statement below means ?
Can anyone offer me a tip?
SHIRO.INI version
/user/** = authc
JAVA LANGUAGE version
configuration.add("user-user", new FilterChainDefinition("/user/**", "authc"));
Re: can anyone explain this "/news/view/** = perms[news:view]"
Posted by jleleu <le...@gmail.com>.
Hi,
//index.html = anon
/user/signup = anon/
means all users can access urls //index.html/ & //user/signup/
//user/** = authc/
means only authenticated users can access urls starting with //user// : if
the user is not authenticated, he will be sent to the login form for
authentication
//admin/** = authc, roles[administrator]/
means only authenticated users with the role *administrator* can access urls
starting with //admin// : if the user is not authenticated, he will be sent
to the login form for authentication; if the user is authenticated but has
not the appropriate role, he will be sent to the "unauthorized url" or
returned an error (HTTP 401).
//news/view/** = perms[news:view]/
same as above but for the permission *news:view* and for urls starting with
//news/view//.
I recommend that you read the Javadoc. That's well explained...
Best regards,
Jérôme
--
View this message in context: http://shiro-user.582556.n2.nabble.com/can-anyone-explain-this-index-html-anon-tp7578416p7578425.html
Sent from the Shiro User mailing list archive at Nabble.com.
can anyone explain this "/news/view/** = perms[news:view]"
Posted by nhhockeyplayer nashua <nh...@hotmail.com>.
I have read thru the abstract docs. I see there is a lack of meaty specific modelings of real world multi-dimensional examples...
Can anyone explain what this does ?
I am aware of the following filters
/**
* SHIRO FACTORY DEFAULT FILTERS
*
* anon - anonymous filter
* authc - forms authentication filter
* basic = basic http authentication filter
* notfound - not found filter
* perms - permissions authorization filter
* port - port filter
* roles - roles authorization filter
* user - user filter
*/
But I still dont understand what the implications of the statement below means ?
Can anyone offer me a tip?
SHIRO.INI version
/news/view/** = perms[news:view]
JAVA LANGUAGE version
configuration.add("news-view", new FilterChainDefinition("/news/view/**", "perms[news:view]"));
FW: can anyone explain this "/admin/** = authc,
roles[administrator]"
Posted by nhhockeyplayer nashua <nh...@hotmail.com>.
I have read thru the abstract docs. I see there is a lack of meaty specific modelings of real world multi-dimensional examples...
Can anyone explain what this does ?
I am aware of the following filters
/**
* SHIRO FACTORY DEFAULT FILTERS
*
* anon - anonymous filter
* authc - forms authentication filter
* basic = basic http authentication filter
* notfound - not found filter
* perms - permissions authorization filter
* port - port filter
* roles - roles authorization filter
* user - user filter
*/
But I still dont understand what the implications of the statement below means ?
Can anyone offer me a tip?
SHIRO.INI version
/admin/** = authc, roles[administrator]
JAVA LANGUAGE version
configuration.add("admin-roles-administrator", new FilterChainDefinition("/admin/**", "roles[administrator]"));