Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-200

Add ability to configure basic authentication for specific HTTP methods

    XMLWordPrintableJSON

    Details

      Description

      Currently, if one configures the basic authentication filter for a URL, it is applied to all HTTP methods. However, I'd like the read-only methods (GET, HEAD) to be completely open and only the update methods requiring authentication. Proposed syntax:
      <pre>
      [urls]
      /basic/** = authcBasic[POST,PUT,DELETE]
      </pre>
      I have attached a patch for review.

      BTW, the test case could do with renaming - it doesn't match the name of the class it's testing.

        Attachments

        1. MethodSpecificBasicAuth.patch
          8 kB
          Peter Ledbrook

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              pledbrook Peter Ledbrook
            • Votes:
              1 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: