I am now able to create a session and it is sending back to the header. I can now access the session value on any REST services and go from there to determine if the user has the permission to consume the REST endpoint or not. I know this is not good practice as REST are meant to be stateless.
My question now is: How to redirect to another url? *shiro ini:* authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter authc.successUrl = http://www.google.com How to implement this in my REST endpoint with Java so that if a user goes to another REST endpoint, I can redirect the user to another url if the user does not have permission to that REST endpoint? *currently I am using: * @Context HttpServletResponse res; res.sendRedirect("http://www.google.com";); this works fine, but how to use Shiro redirect? -- View this message in context: http://shiro-user.582556.n2.nabble.com/How-to-get-the-user-session-using-apache-shiro-with-jersey-RESTful-tp7579771p7579806.html Sent from the Shiro User mailing list archive at Nabble.com.
