You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "david e. berry (JIRA)" <ji...@apache.org> on 2010/05/17 21:26:42 UTC

[jira] Updated: (SHIRO-160) Flex integration with Shiro

     [ https://issues.apache.org/jira/browse/SHIRO-160?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

david e. berry updated SHIRO-160:
---------------------------------

    Attachment: amf package layout.png

picture of the proposed package layout for amf support

> Flex integration with Shiro
> ---------------------------
>
>                 Key: SHIRO-160
>                 URL: https://issues.apache.org/jira/browse/SHIRO-160
>             Project: Shiro
>          Issue Type: New Feature
>          Components: Authentication (log-in), Authorization (access control) 
>    Affects Versions: Incubation
>            Reporter: david e. berry
>         Attachments: amf package layout.png
>
>
> Commiters,
> I have created the following classes that I used to integrate Shiro with Flex AMF. I would like to contribute them to the shiro. Please let me know if there is interest and the procedure for doing so. I have included the class names with a brief description of what they do. They are currently outside of the Shiro code base that I checked out, but I could combine them if interested.
> Best Regards,
> Dave 
> /* Authentication and Authorization need to let AMF Ping, Login, Logout messages pass through
> without processing. They call FlexMessageHelper to introspect the binary message to see if it is allowed to pass. 
> If not, normal Authentication, and Authorization takes place.
> */  
> public class FlexAuthenticationFilter extends AuthenticationFilter;
> public class FlexPermissionsAuthorizationFilter extends PermissionsAuthorizationFilter;
> public class FlexRolesAuthorizationFilter extends RolesAuthorizationFilter;
> /*Helper methods for introspecting the contents of the amf message. It is conceivable that a security handler
> might need to introspect the contents of a request. It would be nice if Shiro wrapped the request automatically so that anyone can read the contents without
> causing an end of stream error for a filter down the line. 
> Message helper deserializes the AMF message and checks to see if it is a PING, LOGON, or LOGOUT request. 
> */ 
> public class FlexHttpServletRequestWrapper extends HttpServletRequestWrapper;
> public class FlexMessageHelper;
> /* Custom Flex Login command that calls Subject.login returns a Principal back to Flex.
> */
> public class FlexLoginCommand implements LoginCommand;
> public class FlexPrincipal implements Principal;

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.