Perhaps it is better when I am a bit more specific:
As the /secure url is a api. The session is only valid for the call.
This implies that authorization has to be done before the secure
method is executed.
How can I achieve this? Do I need to create a custom filter based on
the BasicHttpAuthenticationFilter that filters the '/secure' path?
Should I activate that filter in the guice config
(filter("/*").through(MyBasicHttpAuthenticationFilter.class); or
should I add this filter to the AbstractShiroFilter?
Or is there a better way?
I'm kind of lost here -.-
Mark
On Mon, Mar 14, 2011 at 7:17 PM, Mark Engel <[email protected]> wrote:
> Hello Les,
>
> like Filipe mentioned, Guice uses Aop, too.
> In order to use Guice with the
> AopAllianceAnnotationsAuthorizingMethodInterceptor I had to add Spring
> dependency to my project.
> , although it is not mentioned explicitly in the dependencies.
>
> But it works with Guice, at least.
>
> But now that I do not need the ini anymore I don't know a way how I
> can specify that I need want to have BasicHttpAuth on some Urls.
> How can I do that?
>
> I put up a example project on Github, which you can find here:
> https://github.com/mren/java-rest-boilerplate
>
> The url that needs basic http authentication is localhost:8080/secure.
> How is it possible to do that without using the ini?
>
> Best wishes Mark
>
>
>
>
>
> On Tue, Mar 8, 2011 at 11:10 PM, Les Hazlewood <[email protected]> wrote:
>> Thanks Filipe - good to know.
>>
>> On Tue, Mar 8, 2011 at 1:08 PM, Filipe Sousa <[email protected]> wrote:
>>> On Tue, Mar 8, 2011 at 8:19 PM, Les Hazlewood <[email protected]> wrote:
>>>> Hi there,
>>>>
>>>> I'm not sure this is entirely correct - Shiro implements AOP Alliance
>>>> interceptors in it's Spring module. We also support AspectJ-style
>>>> AOP. Does the AOP Alliance stuff that we currently have need to be
>>>> split into its own AOP Alliance module?
>>>>
>>>> I wasn't aware of significant adoption of the AOP Alliance APIs
>>>> outside of the Spring community. It sounds like Guice may use it too
>>>> - is this correct?
>>>
>>> That is correct
>>> http://code.google.com/p/google-guice/wiki/AOP
>>>
>>> --
>>> Filipe Sousa
>>
>
