[SHIRO-200] Add ability to configure basic authentication for specific HTTP methods - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.0.0
Fix Version/s: 1.3.0
Component/s: Authentication (log-in), Web
Labels:
- patch
- patch-with-test

Description

Currently, if one configures the basic authentication filter for a URL, it is applied to all HTTP methods. However, I'd like the read-only methods (GET, HEAD) to be completely open and only the update methods requiring authentication. Proposed syntax:
<pre>
[urls]
/basic/** = authcBasic[POST,PUT,DELETE]
</pre>
I have attached a patch for review.

BTW, the test case could do with renaming - it doesn't match the name of the class it's testing.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending

Attachments

MethodSpecificBasicAuth.patch
15/Oct/10 09:57
8 kB
Peter Ledbrook

Activity

People

Assignee:

Unassigned

Reporter:

Peter Ledbrook

Votes:

1 Vote for this issue

Watchers:

1 Start watching this issue

Dates

Created:

15/Oct/10 09:56

Updated:

22/Jul/16 14:11

Resolved:

11/Jul/16 22:49