Hi Will, I assume when you say 'auth' you mean AuthC, aka Authentication and not AuthZ, Authorization. If so, there isn't any current docs on it, but it is super simple. Here is how you do it in shiro.ini (for example, assuming /rest/** endpoints are stateless):
[urls] /rest/** = noSessionCreation,authcBasic The 'noSessionCreation' filter ensures that Shiro (or anyone else further down the filter chain) won't create a new Http Session, enforcing statelessness. The authcBasic is a typical HTTP Basic Authentication filter that calls subject.login. HTH, -- Les Hazlewood CTO, Stormpath | http://stormpath.com <http://www.stormpath.com/> | 888.391.5282 twitter: @lhazlewood | http://twitter.com/lhazlewood blog: http://leshazlewood.com stormpath blog: http://www.stormpath.com/blog<http://www.stormpath.com/blog/index> On Tue, May 8, 2012 at 2:23 AM, Will Sargent <[email protected]> wrote: > I've updated the play-shiro project to use 1.2.0 and Play 2.0.1. > > Is there an example for how to use stateless auth in the shiro docs? I > was never quite sure about that. > > Will. > > On Wed, May 2, 2012 at 6:35 PM, Claire Hunsaker <[email protected]>wrote: > >> Hi All - >> >> There has been a lot of good Shiro action on GitHub recently, including >> some worthy, in-progress projects that could use some extra hands (marked >> below with **). >> >> In case you want to jump in, I posted a roundup on the Stormpath blog: >> http://www.stormpath.com/blog/github-roundup-new-apache-shiro-projects >> >> Included: >> -- Grails Integration >> -- Play/Shiro Integration** >> -- Spring MVC + Shiro + myBatis + JSR-303 Validation from Bubba** >> -- Shiro on Google App Engine >> -- OAuth for Shiro >> -- Lift Integration for Apache Shiro >> -- 55 Minutes Wicket >> >> Please let me know if I missed any! >> Claire >> >> -- >> Claire Hunsaker >> VP Community and Marketing, Stormpath >> [email protected] >> www.stormpath.com >> Follow us: @goStormpath >> >> >> >> >> >
