Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-311

allow the use of shiro as Autorization only framework

    Details

      Description

      currently shiro uses login as the only entry point to the application which uses authentication and authorization procedures, defined in the chosen subclasses realm.
      however in many organization's intranet , a domain authentication is already employed making the authentication process in shiro redundant.

      in order to keep consistency with the framework, a new type of Token should be created called AuthenticatedToken. the difference is shiro would be able to create such a token in it's filter by inspecting getRemoteUer of the HTTP request, which according to the spec is !=null only when the user is authenticated.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              emaayan Elhanan Maayan
            • Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: