You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Dan Diephouse (JIRA)" <ji...@apache.org> on 2011/04/17 07:21:05 UTC
[jira] [Created] (SHIRO-283) Add ability to support basic auth and
form authentication simultaneously
Add ability to support basic auth and form authentication simultaneously
------------------------------------------------------------------------
Key: SHIRO-283
URL: https://issues.apache.org/jira/browse/SHIRO-283
Project: Shiro
Issue Type: Bug
Reporter: Dan Diephouse
Currently, it's impossible to require either form authentication or basic authentication. I need to support both since we want the former for the users using a browser and the later for REST. At a config level, I don't really care which one is used, I just want to know they're authenticated.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHIRO-283) Add ability to support basic auth
and form authentication simultaneously
Posted by "Jared Bunting (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHIRO-283?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13084613#comment-13084613 ]
Jared Bunting commented on SHIRO-283:
-------------------------------------
I am committing a fix that allows:
authc[permissive] and authcBasic[permissive].
This will allow us to, on a filterchain level, not require login but use these filters simply to allow login. In addition, this will catch an "UnauthenticatedException" and perform the appropriate login request action (redirect to page or send challenge response).
> Add ability to support basic auth and form authentication simultaneously
> ------------------------------------------------------------------------
>
> Key: SHIRO-283
> URL: https://issues.apache.org/jira/browse/SHIRO-283
> Project: Shiro
> Issue Type: Bug
> Reporter: Dan Diephouse
> Attachments: permissive-authenticating2.patch
>
>
> Currently, it's impossible to require either form authentication or basic authentication. I need to support both since we want the former for the users using a browser and the later for REST. At a config level, I don't really care which one is used, I just want to know they're authenticated.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (SHIRO-283) Add ability to support basic auth and
form authentication simultaneously
Posted by "Les Hazlewood (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHIRO-283?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Les Hazlewood updated SHIRO-283:
--------------------------------
Issue Type: Improvement (was: Bug)
Recategorizing as an improvement as this does not represent broken functionality.
> Add ability to support basic auth and form authentication simultaneously
> ------------------------------------------------------------------------
>
> Key: SHIRO-283
> URL: https://issues.apache.org/jira/browse/SHIRO-283
> Project: Shiro
> Issue Type: Improvement
> Reporter: Dan Diephouse
> Attachments: permissive-authenticating2.patch
>
>
> Currently, it's impossible to require either form authentication or basic authentication. I need to support both since we want the former for the users using a browser and the later for REST. At a config level, I don't really care which one is used, I just want to know they're authenticated.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (SHIRO-283) Add ability to support basic auth and
form authentication simultaneously
Posted by "Jared Bunting (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHIRO-283?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jared Bunting updated SHIRO-283:
--------------------------------
Attachment: permissive-authenticating2.patch
Here's how I would go about doing this. Essentially, we're adding the ability, on both filters, to not require a user to login.
> Add ability to support basic auth and form authentication simultaneously
> ------------------------------------------------------------------------
>
> Key: SHIRO-283
> URL: https://issues.apache.org/jira/browse/SHIRO-283
> Project: Shiro
> Issue Type: Bug
> Reporter: Dan Diephouse
> Attachments: permissive-authenticating2.patch
>
>
> Currently, it's impossible to require either form authentication or basic authentication. I need to support both since we want the former for the users using a browser and the later for REST. At a config level, I don't really care which one is used, I just want to know they're authenticated.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHIRO-283) Add ability to support basic auth
and form authentication simultaneously
Posted by "Les Hazlewood (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHIRO-283?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13179179#comment-13179179 ]
Les Hazlewood commented on SHIRO-283:
-------------------------------------
Jared and Dan, do you consider this issue resolved?
> Add ability to support basic auth and form authentication simultaneously
> ------------------------------------------------------------------------
>
> Key: SHIRO-283
> URL: https://issues.apache.org/jira/browse/SHIRO-283
> Project: Shiro
> Issue Type: Bug
> Reporter: Dan Diephouse
> Attachments: permissive-authenticating2.patch
>
>
> Currently, it's impossible to require either form authentication or basic authentication. I need to support both since we want the former for the users using a browser and the later for REST. At a config level, I don't really care which one is used, I just want to know they're authenticated.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHIRO-283) Add ability to support basic auth
and form authentication simultaneously
Posted by "Jan (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHIRO-283?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13482559#comment-13482559 ]
Jan commented on SHIRO-283:
---------------------------
The solution to this is described in the documentation at: http://shiro.apache.org/session-management.html#SessionManagement-AHybridApproach
That works for me so I suppose this issue is fixed.
> Add ability to support basic auth and form authentication simultaneously
> ------------------------------------------------------------------------
>
> Key: SHIRO-283
> URL: https://issues.apache.org/jira/browse/SHIRO-283
> Project: Shiro
> Issue Type: Improvement
> Reporter: Dan Diephouse
> Attachments: permissive-authenticating2.patch
>
>
> Currently, it's impossible to require either form authentication or basic authentication. I need to support both since we want the former for the users using a browser and the later for REST. At a config level, I don't really care which one is used, I just want to know they're authenticated.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira