Thanks for you reply... I tried your suggestion but I am still having some issues with basic auth. The basic auth prompt does shows up whenever I try to access anything under "/api/**", but it never succeeds, it keeps on prompting me. The only other difference in my set up is that I am using CASFilter/Realm setup which works absolutely fine when I access anything under "/web/**".
Here my full shiro.ini [main] casFilter = org.apache.shiro.cas.CasFilter casFilter.failureUrl = /error.jsp casFilter.successUrl = /home.jsp casRealm = org.apache.shiro.cas.CasRealm casRealm.defaultRoles = ROLE_USER casRealm.casServerUrlPrefix = http://cas.domain.com/ casRealm.casService = http://app.domain.com:8080/myapp/shiro-cas casSubjectFactory = org.apache.shiro.cas.CasSubjectFactory securityManager.subjectFactory = $casSubjectFactory sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO securityManager.sessionManager = $sessionManager securityManager.sessionManager.sessionDAO = $sessionDAO roles.loginUrl = http://cas.domain.com/login?service=http://app.domain.com:8080/myapp/shiro-cas [urls] /shiro-cas = casFilter /login.jsp = anon /web/** = roles[ROLE_USER] /api/** = authcBasic /logout = logout -- View this message in context: http://shiro-user.582556.n2.nabble.com/authcBasic-with-shiro-cas-tp7579708p7579730.html Sent from the Shiro User mailing list archive at Nabble.com.
