Shiro
  1. Shiro
  2. SHIRO-71

Using SecureRemoteInvocationFactory without a preestablished session

    Details

    • Type: Improvement Improvement
    • Status: Open
    • Priority: Minor Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      The current implementation of the SecureRemoteInvocationFactory type assumes a use case where there has already been a session established via some other means then RMI. This use case can been seen in the Swing Webstart / Spring example. This example application creates a session via Spring webflow and then passes the session id of the newly created session to the Java Webstart application as a property.

      While this works fine for a Java Webstart environment it creates a problem for other uses cases where there is no preestablished session. For example a use case where you want your users to be able to login via a stand alone Swing application which uses Spring and RMI.

        Activity

        Jasper Siepkes created issue -
        Niclas Hedhman made changes -
        Field Original Value New Value
        Project Ki [ 12310890 ] Shiro [ 12310950 ]
        Key KI-76 SHIRO-71
        Affects Version/s 0.9 [ 12313691 ]
        Component/s Authentication (log-in) [ 12312672 ]
        Component/s Integration: Spring [ 12312680 ]
        Component/s Session Management [ 12312683 ]
        Fix Version/s 1.0 [ 12313690 ]

          People

          • Assignee:
            Unassigned
            Reporter:
            Jasper Siepkes
          • Votes:
            1 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:

              Development