Thank you for the response Jared. I got distracted by other tasks and wasn't able to get back to this until now. :(
I'm using JME3 which has it's own networking API (SpiderMonkey) for sending messages between client and server. I need to ping the JME developers next to make sure I haven't missed something but my impression is that there is no significant support for security. Originally, after looking at the architecture diagram for Shiro (http://shiro.apache.org/assets/images/ShiroArchitecture.png) I had the impression that it could handle the network transport between an application and the security manager as well as between the security manager and a backend database. Ie - I thought I could instance a Subject and a UsernamePasswordToken and then Subject.login(token) would magically communicate over the network to the the server running the security manager. I was trying to figure out how the necessary information got communicated to enable that. Unfortunately, I'm still at the point where I don't know what I don't know. :) For now, I've decided to send the login and password in clear text to a server implementing a Shiro SM and try to get things working on the server side first. Hopefully that'll get me far enough along the learning curve on both ends to have a better idea of what's really necessary in this type of system. -M -- View this message in context: http://shiro-user.582556.n2.nabble.com/java-client-authenticating-with-remote-security-manager-tp7579464p7579471.html Sent from the Shiro User mailing list archive at Nabble.com.
