Login/Logout: Enable pluggable Subject state binding
----------------------------------------------------
Key: SHIRO-266
URL: https://issues.apache.org/jira/browse/SHIRO-266
Project: Shiro
Issue Type: Improvement
Components: Session Management, Subject
Affects Versions: 1.1.0, 1.0.0, 1.0.1, 1.1.1
Reporter: Les Hazlewood
Assignee: Les Hazlewood
Fix For: 1.2.0
After login, a subject's state (principals, authentication state, etc) are
bound to the Subject's session. This allows Shiro to reconstruct the Subject
instance later on by acquiring a Session (e.g. by id) and reconstructing the
Subject based on the Session's state.
In stateless environments (e.g. some REST-enabled applications), it is not
desirable to create a session. There should be a pluggable component that
performs state binding and unbinding for subject login and logout,
respectively. Stateless applications can choose to configure Shiro with a
stateless binder if they don't want sessions to be created.
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
