Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-414

Create generic HttpAuthenticationFilter supporting multiple HTTP authentication schemes

    XMLWordPrintableJSON

    Details

    • Type: New Feature
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: 2.0.0
    • Labels:
      None

      Description

      The BasicHttpAuthentication filter assumes HTTP's 'Basic' authentication scheme. But HTTP Authentication can support multiple schemes - instead of creating a filter per scheme, like we assume today, it probably makes sense to have a single filter that can support multiple schemes.

      This issue is to create a general HttpAuthenticationFilter that allows one or more pluggable Schemes. Each Scheme should be able to resolve an authentication token based on the Authorization header value.

      Existing authc filters (e.g. BasicHttpAuthenticationFilter) can leverage this new concept if necessary - they would just be a filter that comes pre-configured with a single scheme.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              lhazlewood Les Hazlewood
            • Votes:
              2 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated: