I ended up implementing an AuthenticatingFilter which, after a
successful login, sends back an access token.
And an AuthorizingFilter which looks for the presence of a valid access
token in a certain http header.
Sorry for the low effort question.
On 13-Oct-16 09:19, Gabriel Titerlea wrote
Hello,
I want to use an http header instead of a cookie for session management.
I have a web-service which is accessed from a web client (web
application) and from a desktop client (desktop application).
I want the desktop client to receive a session header which will be used
for subsequent req
quireRoleAdmin,custom:$customAuthorizer
Does that help?
On Mon, Aug 22, 2016 at 8:24 AM, Gabriel Titerlea
wrote:
Hi,
What is the "custom" variable in the shiro.ini? I am trying to use
buji-pac4j and I see that in a demo application [1] it uses a "custom"
variable.
Whe
Hi,
What is the "custom" variable in the shiro.ini? I am trying to use
buji-pac4j and I see that in a demo application [1] it uses a "custom"
variable.
Where is this variable defined? What is it used for?
I see that it is used like this: custom:$customAuthorizer.
And the variable customAuthor
