Details
-
New Feature
-
Status: Closed
-
Critical
-
Resolution: Fixed
-
None
-
None
-
None
Description
This use case is connected to WS security.
I would like to use shiro in session less mode . The reason for that is that each ws request will be issued with own security ctx (principals and credential),which are part of soap header and therefor no session management is needed/wanted at all.
what is needed is a filter that will do the subject unbinding from threadlocal as complement to PasswordValidationCallback.PasswordValidator where the actual binding can be done. But what i'm missing is the session less factory for subject creation.
Attachments
Issue Links
- is related to
-
SHIRO-266 Login/Logout: Enable pluggable Subject state binding
- Closed