You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@shiro.apache.org by shiro_user <na...@mastercard.com> on 2015/05/04 20:48:41 UTC

Apache HTTP Server as Proxy and Shiro at the container level

For Web Application security , I am planning to have basic authN & AuthZ done
at the proxy layer(Apache HTTP server) and use Apache Shiro at the container
level for addtional Auth Z & Auth N (Step-up if needed). The challange is
how to synchronize the session between the proxy & the container since AuthN
canhappen at 2 levels ( At the proxy it will be basic authentication but at
the container level it could be step-up like an OTP or a security question)

Does anyone have any thoughts or have sample examples on this topic ? Thank
you





--
View this message in context: http://shiro-user.582556.n2.nabble.com/Apache-HTTP-Server-as-Proxy-and-Shiro-at-the-container-level-tp7580537.html
Sent from the Shiro User mailing list archive at Nabble.com.