[
https://issues.apache.org/jira/browse/AURORA-1576?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15090293#comment-15090293
]
Amol Deshmukh commented on AURORA-1576:
---------------------------------------
Review request: https://reviews.apache.org/r/42046/
> Allow for plugging in cli-configurable filters that are invoked post shiro
> filters.
> -----------------------------------------------------------------------------------
>
> Key: AURORA-1576
> URL: https://issues.apache.org/jira/browse/AURORA-1576
> Project: Aurora
> Issue Type: Task
> Reporter: Amol Deshmukh
>
> Currently, the command line option {{shiro_realm_modules}} allows plugging in
> custom modules that can extend/configure the http security functionality.
> However, loading such modules from within a {{ShiroWebModule}} prevents
> plugging in a Guice module that extends {{ServletModule}} due to a Guice
> limitation ^✝^. This makes it impossible to register a custom filter ^✝✝^
> that intercepts the request post the shiro filter chain via the
> shiro_realm_modules hook.
> ✝ ~HttpSecurityModule is a ServletModule which loads the shiro_real_modules
> via ShiroWebModule which is a PrivateModule. While Guice allows registering
> nested ServletModules, it does not allow registering nested ServletModules
> via an intervening PrivateModule. A similar issue has been reported as [Guice
> issue #639|https://github.com/google/guice/issues/639].~
> ✝✝ ~Such a filter may be used, for example, to implement a delegation
> mechanism by inspecting custom headers in the request.~
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
