Got the basic auth and authorization working after changing the shiro config to the following I will later on try to integrate this to DB. But this gives me confidence that Shiro will work.
[main] authBasic = org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter [users] # format: username = password, role1, role2, ..., roleN root = secret,admin guest = guest,guest [roles] #format; roleName = permission1, permission2, ..., permissionN admin = * [urls] /api/** = authBasic I did not get answer to my second question whether it is possible to configure a single shiro.ini for multiple webapp. -- View this message in context: http://shiro-user.582556.n2.nabble.com/rest-glassfish4-shiro-enabled-working-sample-tp7580135p7580144.html Sent from the Shiro User mailing list archive at Nabble.com.
