[SHIRO-200] Add ability to configure basic authentication for specific HTTP methods - ASF JIRA

Agile Board

Attach files

Attach Screenshot

Voters

Watch issue

Watchers

Create sub-task

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.0.0
Fix Version/s: 1.3.0
Component/s: Authentication (log-in), Web
Labels:
- patch
- patch-with-test

Description

Currently, if one configures the basic authentication filter for a URL, it is applied to all HTTP methods. However, I'd like the read-only methods (GET, HEAD) to be completely open and only the update methods requiring authentication. Proposed syntax:
<pre>
[urls]
/basic/** = authcBasic[POST,PUT,DELETE]
</pre>
I have attached a patch for review.

BTW, the test case could do with renaming - it doesn't match the name of the class it's testing.

Attachments

MethodSpecificBasicAuth.patch
15/Oct/10 09:57
8 kB
Peter Ledbrook

Activity

Comment

$i18n.getText('security.level.explanation', $currentSelection) Viewable by All Users

Cancel

People

Assignee:

Unassigned

Reporter:

Peter Ledbrook

Votes:

1 Vote for this issue

Watchers:

1 Start watching this issue

Dates

Created:

15/Oct/10 09:56

Updated:

22/Jul/16 14:11

Resolved:

11/Jul/16 22:49

Agile

View on Board

Details

Description

Attachments

Attachments

Activity

People

Dates

Agile

Issue deployment