I've looked at this project before (but I personally have not used it) Basically it comes down to two things:
Creating a token via an Authentication Filter (this one seems to use form and a JWT, but you could just create one for your token) https://github.com/panchitoboy/shiro-jwt/blob/master/src/main/java/com/github/panchitoboy/shiro/jwt/filter/JWTOrFormAuthenticationFilter.java And a realm that will accept the token, and handle it: https://github.com/panchitoboy/shiro-jwt/blob/master/src/main/java/com/github/panchitoboy/shiro/jwt/realm/JWTRealm.java On Tue, Nov 15, 2016 at 11:51 AM, Bart van Leeuwen < [email protected]> wrote: > Hi, > > I was wondering if someone has a how-to for token based authentication ? > > I would like to use Shiro to protect a API and for that use header fields > to contain a API Key. > Any hints would be greatly appreciated! > > Met Vriendelijke Groet / With Kind Regards > Bart van Leeuwen > > ############################################################## > # twitter: @semanticfire > # Netage B.V. > # http://netage.nl > # Esdoornstraat 3 > # 3461ER Linschoten > # The Netherlands > # tel. +31(0)6-53182997 > ##############################################################
