You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Maison (JIRA)" <ji...@apache.org> on 2013/03/02 10:03:12 UTC
[jira] [Created] (SHIRO-420) Allow a configurable strategy to
backup runAs() informations
Maison created SHIRO-420:
----------------------------
Summary: Allow a configurable strategy to backup runAs() informations
Key: SHIRO-420
URL: https://issues.apache.org/jira/browse/SHIRO-420
Project: Shiro
Issue Type: Improvement
Components: Configuration
Affects Versions: 1.2.1
Reporter: Maison
Subject.runAs() saves current subject principal in a stack into user session ; this saved information will be popped by Subject.releaseRunAs().
Thus Subject.runAs() is not usable with the noSessionFilter.
Use of session may not always be desirable (in case of stateless web application where no session should be created).
Alternatively it would be interesting to be able to configure the way runAs() informations are saved.
A RunAsManager (or something similar) in the SecurityManager that could be consulted for runAs operations. Then you could plug in a persistence strategy, whether it be via the session or something else.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira