Nope, that's not working. I am allowed into a call that has
@RequiresPermissions("permission2")
even when there is no sessionid and I am not authenticated. My filter chain
is
/remote/** = perms
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Best-way-to-associate-Session-to-SecureRemoteInvocationFactory-tp5541140p5543347.html
Sent from the Shiro User mailing list archive at Nabble.com.
