Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-266

Login/Logout: Enable pluggable Subject state binding

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.0.0, 1.1.0
    • Fix Version/s: 1.2.0
    • Component/s: Session Management, Subject
    • Labels:
      None

      Description

      After login, a subject's state (principals, authentication state, etc) are bound to the Subject's session. This allows Shiro to reconstruct the Subject instance later on by acquiring a Session (e.g. by id) and reconstructing the Subject based on the Session's state.

      In stateless environments (e.g. some REST-enabled applications), it is not desirable to create a session. There should be a pluggable component that performs state binding and unbinding for subject login and logout, respectively. Stateless applications can choose to configure Shiro with a stateless binder if they don't want sessions to be created.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                lhazlewood Les Hazlewood
                Reporter:
                lhazlewood Les Hazlewood
              • Votes:
                2 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: