Shiro
  1. Shiro
  2. SHIRO-107

Filter chain definitions should match on request method as well as request path (REST support)

    Details

    • Type: New Feature New Feature
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.0.0
    • Component/s: Web
    • Labels:
      None

      Description

      To support REST environments, it would be nice to specify a filter chain definition based on not only the request path, but also the request method (PUT, GET, POST, DELETE) to support rest environments.

      For example:

      /data/stocks/**:post = authc, roles[admin]
      /data/stocks/** = authc

      1. SHIRO-107.diff
        8 kB
        Brian Demers

        Activity

        Hide
        Les Hazlewood added a comment -

        I added the patch with adjustments and a rename to be a little clearer as org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter. Feel free to review implementation and JavaDoc.

        Show
        Les Hazlewood added a comment - I added the patch with adjustments and a rename to be a little clearer as org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter. Feel free to review implementation and JavaDoc.
        Hide
        Les Hazlewood added a comment -

        Closing all resolved issues due to a successful 1.0.0-incubating release

        Show
        Les Hazlewood added a comment - Closing all resolved issues due to a successful 1.0.0-incubating release

          People

          • Assignee:
            Les Hazlewood
            Reporter:
            Les Hazlewood
          • Votes:
            2 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development