Hello Shiro users, I have a rather unusual authentication scheme, and don't know how to handle that with Shiro for now.
Basically, I'd like to authenticate users with one of the two following methods:

1- by a client certificate OR
2- with basic HTTP

Case 1 is handled by an external reverse proxy, which puts the client x509 certificate into HTTP request headers. Thus I'd like the following logic:

- if the request contains x509 headers, use that to create a token
- else use the standard authcBasic Shiro filter.

If I specify two filters on the same URL in the ini config file, I guess both filters will be executed? How can I shortcut authcBasic if the first filter already returns a token?

I'd be surprised if Shiro could not handle such a case (different types of authentication) out of the box. Do I have to implement a custom filter, which inherits (or better, composes) authcBasic?

Any advice would be appreciated.

Regards,
M. Maison
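The logic described in the post above, as an added example that is not part of the original post and is not Shiro's own code: a single filter that extends the Basic filter and builds a certificate token when the proxy header is present, so no second filter has to be short-circuited. Assumptions: Shiro 1.x on `javax.servlet`; the class name `CertOrBasicFilter`, the token type `X509HeaderToken` and the header name `X-Client-Cert` are hypothetical; the proxy is assumed to send the certificate as Base64-encoded DER.

```java
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Base64;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;

// Added example (hypothetical class); assumes Shiro 1.x with javax.servlet.
public class CertOrBasicFilter extends BasicHttpAuthenticationFilter {
    // Hypothetical header name: use the one the reverse proxy is configured to set.
    static final String CERT_HEADER = "X-Client-Cert";

    // Hypothetical token type; a custom Realm must return true from supports() for it.
    public static class X509HeaderToken implements AuthenticationToken {
        private final X509Certificate cert;
        X509HeaderToken(X509Certificate cert) { this.cert = cert; }
        @Override public Object getPrincipal() { return cert.getSubjectX500Principal(); }
        @Override public Object getCredentials() { return cert; }
    }

    private static String certHeader(ServletRequest request) {
        String v = ((HttpServletRequest) request).getHeader(CERT_HEADER);
        return (v == null || v.trim().isEmpty()) ? null : v.trim();
    }

    // A request is a login attempt if it carries the certificate header OR Basic credentials.
    @Override
    protected boolean isLoginAttempt(ServletRequest request, ServletResponse response) {
        return certHeader(request) != null || super.isLoginAttempt(request, response);
    }

    // Certificate header wins; otherwise fall through to the inherited Basic token.
    @Override
    protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) {
        String encoded = certHeader(request);
        if (encoded != null) {
            try {
                byte[] der = Base64.getDecoder().decode(encoded); // assumed encoding: Base64 DER
                return new X509HeaderToken((X509Certificate) CertificateFactory
                        .getInstance("X.509").generateCertificate(new ByteArrayInputStream(der)));
            } catch (Exception e) {
                // Unparsable header: ignore it and let the Basic path decide.
            }
        }
        return super.createToken(request, response);
    }
}
```

Declared in the ini file in place of `authcBasic` on the URL, this is the only authentication filter that runs for the request. The header can be trusted only if the proxy removes any client-supplied copy of it and the application is reachable only through the proxy; which certificate subjects are accepted is decided by the realm that handles `X509HeaderToken`.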
