Laszlo Hornyak created SHIRO-620:
------------------------------------
Summary: authentication and authorization support for spring
websocket
Key: SHIRO-620
URL: https://issues.apache.org/jira/browse/SHIRO-620
Project: Shiro
Issue Type: New Feature
Components: Authentication (log-in), Authorization (access control)
Reporter: Laszlo Hornyak
Shiro could add some support for spring websockets.
{code:xml}
<websocket:handlers>
<websocket:mapping path="/ws" handler="wsHandler"/>
<websocket:handshake-interceptors>
<bean
class="org.apache.shiro.somepackage.WebsocketSecurityInterceptor"></bean>
</websocket:handshake-interceptors>
</websocket:handlers>
{code}
This security interceptor could do two things by overriding the beforeHandshake
method:
* Decide whether or not the user can open the websocket
* Set authentication information in the socket attributes
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
