See org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter Kalle
On Thu, Oct 14, 2010 at 7:10 AM, Peter Ledbrook <[email protected]> wrote: > Hi guys, > > I'd like to add support for method-specific Basic authentication, but > I need some hints on how to implement. The basic idea is that I want a > rule like: > > [urls] > /plugin/** = authcBasic[POST,PUT,DELETE] > > In other words, I'd like to enable basic authentication for the write > methods, but not the read ones. The question is, how do I retrieve the > list of specified HTTP methods from within the filter implementation? > > Of course, if there is an existing approach that will have the same > effect I'm all ears! > > Thanks, > > Peter >
