[
https://issues.apache.org/jira/browse/SHIRO-107?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Les Hazlewood resolved SHIRO-107.
---------------------------------
Resolution: Fixed
I added the patch with adjustments and a rename to be a little clearer as
org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter. Feel free to
review implementation and JavaDoc.
> Filter chain definitions should match on request method as well as request
> path (REST support)
> ----------------------------------------------------------------------------------------------
>
> Key: SHIRO-107
> URL: https://issues.apache.org/jira/browse/SHIRO-107
> Project: Shiro
> Issue Type: New Feature
> Components: Web
> Reporter: Les Hazlewood
> Assignee: Les Hazlewood
> Fix For: 1.0.0
>
> Attachments: SHIRO-107.diff
>
>
> To support REST environments, it would be nice to specify a filter chain
> definition based on not only the request path, but also the request method
> (PUT, GET, POST, DELETE) to support rest environments.
> For example:
> /data/stocks/**:post = authc, roles[admin]
> /data/stocks/** = authc
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
