You can use the shiro API for user authentication
http://shiro.apache.org/authentication.html#Authentication-Authenticating%7B%7BSubjects%7D%7D
http://shiro.apache.org/authentication.html#Authentication-LoggingOut
Login
Subject currentUser = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(
username.getValue(), password.getValue());
try {
currentUser.login(token);
//user logged
} catch (Exception e) {
username.setValue("");
password.setValue("");
//Not logged!;
}
Logout
currentUser.logout();
Shiro.ini
The shiro filer "authc" redirect the user to a login url. If you don't
want redirection you should not use authc
http://shiro.apache.org/web.html#Web-DefaultFilters
#authc.loginUrl = /login.jsp
#authc.usernameParam = user
#authc.passwordParam = pass
#logout.redirectUrl = /login.jsp
[urls]
#The logout filter makes a redirection
#/logout = logout, anon
#/favicon.ico = anon
/#logo.jpg = anon
#/js/** =anon
#/resources/** =anon
#auth filter makes a redirection
#/** = authc
2014-09-01 10:03 GMT-05:00 Anant Rao <[email protected]>:
> Hi,
>
> I am a backend developer. Using Shiro, I implemented a form-based
> authenticator with SHA256 salted password hasher. All of this works great.
> Now, the front-end developer says he is using angularJS and he's unable to
> mix form-based auth with the rest of his stuff and asked me to figure out if
> I can support AJAX based thing for Auth also.
>
> I'm not familiar with the front-end technologies. Could you help me
> understand if Shiro supports such AJAX-based authentication.
> Thanks!
> Anant
>
