they can be (if configured to use a servlet (its normal)
and a servlet filter could be made to work (this is how spring security
implements theirs for example), but it seems like doubling up on the
same task to me since there is already the SecureRemoteInvocationExecutor
Narcom wrote:
I use Spring HTTP-based remoting.
client example:
<bean id="sampleManager"
class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean">
<property name="serviceUrl"
value="http://localhost:8084/SpringRemoting/remoting/secure/sampleManager"/>
<property name="serviceInterface"
value="my.samples.shiro.spring.SampleManager"/>
<property name="remoteInvocationFactory"
ref="secureRemoteInvocationFactory"/>
</bean>
<bean id="secureRemoteInvocationFactory"
class="org.apache.shiro.spring.remoting.SecureRemoteInvocationFactory"/>
As I understand Spring remoting based on servlet technology?
Les Hazlewood-3 wrote:
The filters only work for an incoming servlet request. Are you using
HTTP-based remoting? Or Java RMI or some other mechanism?
