You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by Hendy Irawan <he...@soluvas.com> on 2011/04/06 22:48:26 UTC
RE: Avoiding authorization when using authcBasic filter
I also want to do similar to this, but actually much simpler (no permissions
check, just "optional" authentication).
I still don't know how to make shiro use HTTP Basic Auth (authcBasic) while
at the same time allowing anonymous!
If I use anon, getSubject().getPrincipal() will return null.
If I use authcBasic, getSubject().getPrincipal() will return username if
credentials is valid, or else the request will be rejected.
What I want is, return username if credentials is valid, return null if
credentials is not valid.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Avoiding-authorization-when-using-authcBasic-filter-tp5948538p6247561.html
Sent from the Shiro User mailing list archive at Nabble.com.