[jira] [Commented] (SHIRO-620) authentication and authorization support for spring websocket

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[jira] [Commented] (SHIRO-620) authentication and authorization support for spring websocket

JIRA jira@apache.org

    [ https://issues.apache.org/jira/browse/SHIRO-620?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15949669#comment-15949669 ]

Brian Demers commented on SHIRO-620:
------------------------------------

We can defiantly bump the Spring major versions for the 2.0 !

> authentication and authorization support for spring websocket
> -------------------------------------------------------------
>
>                 Key: SHIRO-620
>                 URL: https://issues.apache.org/jira/browse/SHIRO-620
>             Project: Shiro
>          Issue Type: New Feature
>          Components: Authentication (log-in), Authorization (access control)
>            Reporter: Laszlo Hornyak
>              Labels: features, security, spring, websocket
>
> Shiro could add some support for spring websockets.
> {code:xml}
> <websocket:handlers>
> <websocket:mapping path="/ws" handler="wsHandler"/>
> <websocket:handshake-interceptors>
> <bean class="org.apache.shiro.somepackage.WebsocketSecurityInterceptor"></bean>
> </websocket:handshake-interceptors>
> </websocket:handlers>
> {code}
> This security interceptor could do two things by overriding the beforeHandshake method:
>  * Decide whether or not the user can open the websocket
>  * Set authentication information in the socket attributes



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)