[
https://issues.apache.org/jira/browse/SHIRO-71?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Benjamin Marwell updated SHIRO-71:
----------------------------------
Component/s: Integration: Spring
> Using SecureRemoteInvocationFactory without a preestablished session
> --------------------------------------------------------------------
>
> Key: SHIRO-71
> URL: https://issues.apache.org/jira/browse/SHIRO-71
> Project: Shiro
> Issue Type: Improvement
> Components: Integration: Spring
> Reporter: Jasper Siepkes
> Priority: Minor
>
> The current implementation of the SecureRemoteInvocationFactory type assumes
> a use case where there has already been a session established via some other
> means then RMI. This use case can been seen in the Swing Webstart / Spring
> example. This example application creates a session via Spring webflow and
> then passes the session id of the newly created session to the Java Webstart
> application as a property.
> While this works fine for a Java Webstart environment it creates a problem
> for other uses cases where there is no preestablished session. For example a
> use case where you want your users to be able to login via a stand alone
> Swing application which uses Spring and RMI.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
