You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@aurora.apache.org by "Amol Deshmukh (JIRA)" <ji...@apache.org> on 2016/01/09 02:01:46 UTC
[jira] [Commented] (AURORA-1576) Allow for plugging in
cli-configurable filters that are invoked post shiro filters.
[ https://issues.apache.org/jira/browse/AURORA-1576?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15090293#comment-15090293 ]
Amol Deshmukh commented on AURORA-1576:
---------------------------------------
Review request: https://reviews.apache.org/r/42046/
> Allow for plugging in cli-configurable filters that are invoked post shiro filters.
> -----------------------------------------------------------------------------------
>
> Key: AURORA-1576
> URL: https://issues.apache.org/jira/browse/AURORA-1576
> Project: Aurora
> Issue Type: Task
> Reporter: Amol Deshmukh
>
> Currently, the command line option {{shiro_realm_modules}} allows plugging in custom modules that can extend/configure the http security functionality. However, loading such modules from within a {{ShiroWebModule}} prevents plugging in a Guice module that extends {{ServletModule}} due to a Guice limitation ^✝^. This makes it impossible to register a custom filter ^✝✝^ that intercepts the request post the shiro filter chain via the shiro_realm_modules hook.
> ✝ ~HttpSecurityModule is a ServletModule which loads the shiro_real_modules via ShiroWebModule which is a PrivateModule. While Guice allows registering nested ServletModules, it does not allow registering nested ServletModules via an intervening PrivateModule. A similar issue has been reported as [Guice issue #639|https://github.com/google/guice/issues/639].~
> ✝✝ ~Such a filter may be used, for example, to implement a delegation mechanism by inspecting custom headers in the request.~
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)