[
https://issues.apache.org/jira/browse/SHIRO-392?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15575529#comment-15575529
]
Brian Demers commented on SHIRO-392:
------------------------------------
I'm adding a (generic) JAX-RS module based
[silb/shiro-jersey|https://github.com/silb/shiro-jersey] (after chatting with
the author)
The one thing it lacks from the original is the subject injection {{@Auth}}
annotation, as this varies based on the implementation (Jeresy, RestEasy, Apach
CXF).
*NOTE:* I started going down the path of creating optional dependencies on the
three major JAX-RS implementations, but I think supporting them directly at
this point is outside the scope of the project, and could be a non-issue if the
developer is already using dependency injection.
> Shiro Extension for JAX-RS
> --------------------------
>
> Key: SHIRO-392
> URL: https://issues.apache.org/jira/browse/SHIRO-392
> Project: Shiro
> Issue Type: Improvement
> Reporter: Jan Stamer
>
> We've added an extension to Shiro which enables Shiro annotations in the
> JAX-RS implementation Sun Jersey.
> You can do the following with it:
> @Path("/changelog")
> @RequiresPermissions("repository:read")
> public class ChangelogResourceImpl {
> @POST
> @Consumes(MediaType.APPLICATION_JSON)
> @Path("/addObject")
> @Override
> @RequiresPermissions("repository:write")
> public Response addObject(ObjectJson objectJson) {
> someService.addObject(object);
> return Response.ok().build();
> }
> }
> If the user is not authenticated Http Status Code 401 is returned. If the
> user has insufficient privileges Status Code 403 is returned.
> Right now we've only added support for the annoation @RequiresPermissions.
> The other Shiro annoations could easily be added in the same fashion. Yet
> currently that's the only one we need.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
