Yeah!
It sounds very good ;)
I'm full agree, let's move forward first on the OAuth2 support!
thanks
François Papon
fpa...@apache.org
Le 11/03/2019 à 18:39, Brian Demers a écrit :
> For Bearer tokens (IMHO), we should treat it the same way we deal with
> Basic auth. Create an
bdemers commented on issue #85: Adding Spring's Filters to
ShiroFilterFactorBean when using Java config
URL: https://github.com/apache/shiro/pull/85#issuecomment-471571234
I'll carve out some time to add some tests in the next couple days, my big
concern is that we might leak Filters
For Bearer tokens (IMHO), we should treat it the same way we deal with
Basic auth. Create an AuthentcationToken based on the input, and let a
Realm implementation deal with it.
For minting the actual token, we start getting into the OAuth2 IdP
territory (once you start thinking about, validating