Well, at least I'm glad to hear your solution was simple :) Best,
-- Les Hazlewood Founder, Katasoft, Inc. Application Security Products & Professional Apache Shiro Support and Training: http://www.katasoft.com On Mon, Oct 11, 2010 at 12:34 PM, Mike K <[email protected]> wrote: > > Yes Les, you are correct that this approach could be dangerous. However, our > security configuration is elsewhere (through AOP intercept of jax-rs > annotated methods). The reason this is attractive to us is that it allows > simple shell scripting with curl, without changing the behavior of the JS ui > that does not have an actual login page without the http auth challenge > grabbing control of presentation. > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/simple-auth-hack-tp5623918p5624366.html > Sent from the Shiro User mailing list archive at Nabble.com. >
