Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-266

Login/Logout: Enable pluggable Subject state binding

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.0.0, 1.1.0
    • 1.2.0
    • Session Management, Subject
    • None

    Description

      After login, a subject's state (principals, authentication state, etc) are bound to the Subject's session. This allows Shiro to reconstruct the Subject instance later on by acquiring a Session (e.g. by id) and reconstructing the Subject based on the Session's state.

      In stateless environments (e.g. some REST-enabled applications), it is not desirable to create a session. There should be a pluggable component that performs state binding and unbinding for subject login and logout, respectively. Stateless applications can choose to configure Shiro with a stateless binder if they don't want sessions to be created.

      Attachments

        Issue Links

          Activity

            People

              lhazlewood Les Hazlewood
              lhazlewood Les Hazlewood
              Votes:
              2 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: