You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@shiro.apache.org by nbarton <nb...@leanpath.com> on 2013/08/20 00:43:09 UTC

Shiro Authentication via HttpClient request

I have Shiro configured and running fine in my environment.  I can
authenticate manually through a standard html loginform.  

shiro.ini is configured with usernameParam = user and passwordParam = pass.

I have a custom realm in place to do a Salted password (sha512) within a
database.

What I seem unable to do is programmatically perform a logon and subsequent
request, using HttpClient.  I have some activities that I would like to
automate and have them executed through the standard REST interfaces which
are currently being protected by Shiro.  I have searched online and cannot
find any examples.

Any pointers or examples would be greatly appreciated.

Regards,

Neil



--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-Authentication-via-HttpClient-request-tp7579052.html
Sent from the Shiro User mailing list archive at Nabble.com.

Re: Shiro Authentication via HttpClient request

Posted by Les Hazlewood <lh...@apache.org>.

Hi Neil,

What do you mean exactly re: HttpClient?

You're using the Apache HttpClient library to make an authenticated HTTP
request to a Shiro-enabled web app?

If so, you could use the BasicHttpAuthenticationFilter to perform login for
REST endpoints instead of the Form authentication filter.  Then configure
the HttpClient to use HTTP Basic authentication (only do this over TLS
(SSL) connections though!).

If you want one filter to do both, you'll have to implement it yourself (or
wait for https://issues.apache.org/jira/browse/SHIRO-414 to be implemented).

HTH!

--
Les Hazlewood | @lhazlewood
CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282

On Mon, Aug 19, 2013 at 3:43 PM, nbarton <nb...@leanpath.com> wrote:

> I have Shiro configured and running fine in my environment.  I can
> authenticate manually through a standard html loginform.
>
> shiro.ini is configured with usernameParam = user and passwordParam = pass.
>
> I have a custom realm in place to do a Salted password (sha512) within a
> database.
>
> What I seem unable to do is programmatically perform a logon and subsequent
> request, using HttpClient.  I have some activities that I would like to
> automate and have them executed through the standard REST interfaces which
> are currently being protected by Shiro.  I have searched online and cannot
> find any examples.
>
> Any pointers or examples would be greatly appreciated.
>
> Regards,
>
> Neil
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/Shiro-Authentication-via-HttpClient-request-tp7579052.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>