[jira] [Created] (SHIRO-620) authentication and authorization support for spring websocket

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[jira] [Created] (SHIRO-620) authentication and authorization support for spring websocket

JIRA jira@apache.org
Laszlo Hornyak created SHIRO-620:
------------------------------------

             Summary: authentication and authorization support for spring websocket
                 Key: SHIRO-620
                 URL: https://issues.apache.org/jira/browse/SHIRO-620
             Project: Shiro
          Issue Type: New Feature
          Components: Authentication (log-in), Authorization (access control)
            Reporter: Laszlo Hornyak


Shiro could add some support for spring websockets.

{code:xml}
        <websocket:handlers>
                <websocket:mapping path="/ws" handler="wsHandler"/>
                <websocket:handshake-interceptors>
                        <bean class="org.apache.shiro.somepackage.WebsocketSecurityInterceptor"></bean>
                </websocket:handshake-interceptors>
        </websocket:handlers>

{code}

This security interceptor could do two things by overriding the beforeHandshake method:
 * Decide whether or not the user can open the websocket
 * Set authentication information in the socket attributes





--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
Loading...