[SHIRO-414] Create generic HttpAuthenticationFilter supporting multiple HTTP authentication schemes - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: 2.0.0
Component/s: Authentication (log-in), Web
Labels:
None

Description

The BasicHttpAuthentication filter assumes HTTP's 'Basic' authentication scheme. But HTTP Authentication can support multiple schemes - instead of creating a filter per scheme, like we assume today, it probably makes sense to have a single filter that can support multiple schemes.

This issue is to create a general HttpAuthenticationFilter that allows one or more pluggable Schemes. Each Scheme should be able to resolve an authentication token based on the Authorization header value.

Existing authc filters (e.g. BasicHttpAuthenticationFilter) can leverage this new concept if necessary - they would just be a filter that comes pre-configured with a single scheme.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Les Hazlewood

Votes:: 2 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 17/Jan/13 17:50

Updated:: 06/Mar/23 08:06