Jean, What is the reasoning behind making Shiro work with node.js? Do you have an existing java app that uses Shiro that you need to integrate with?
If not, there are probably much simpler and lightweight solutions. I personally think it would be awesome to take Shiro concepts and implement it in Javascript. I had a conversation with Les a while back about Shiro and node and I seem to recall that he was considering implementations in other languages. It sounded more like a long-term goal than anything available soon. There are some security tools for node that you could evaluate or utilize for inspiration. Below is a list of security-related node.js resources I've been tracking. I haven't yet used any of them, so can't give any advice on which tools are better. I'm interested in security and node, so please follow up with any conclusions you come to. Thanks, Tauren ---- h3. Security: "The Guard: Access Control List (ACL) in Javascript": https://github.com/dariocravero/the-guard.js http://wegnerdesign.com/filedrop/why-node-js-security/ http://stackoverflow.com/questions/3737062/managing-sessions-in-nodejs h3. Authentication, OpenID, OAuth "Passport - simple auth for node":http://passportjs.org/ "EveryAuth Github":https://github.com/bnoguchi/everyauth "EveryAuth Tutorial": http://nodetuts.com/tutorials/26-starting-with-everyauth.html "EveryAuth Tutorial for Node KnockOut": http://blog.nodeknockout.com/post/9417557660/countdown-to-ko-23-login-with-password-facebook https://github.com/ciaranj/connect-auth On Mon, Apr 2, 2012 at 7:02 PM, Jean Barmash <[email protected]> wrote: > Hello, > > I am thinking of using Shiro with Node.js (most likely with Express). > Still evaluating whether to use Shiro through some kind of java bridge on > the same server, or possibly wrap Shiro as a separate authorization service > that Node will make calls to over HTTP. > > Wondering if anybody has attempted any integrations between Shiro and > Node.js. > > Thanks, > > > Jean >
