My point was more the fact that you could use basic auth, and drop a cookie for the following requests. (Basically just replacing the form login)
-Brian > On Sep 2, 2014, at 3:17 AM, Dominic Farr <[email protected]> wrote: > > Not sure that makes sense. Basic authentication uses HTTP Headers, not > cookies. See Here > > Yes, Shiro can handle security for ajax stacks like AngularJS, but it all > depends on your security requirements; Basic, Session based cookies, or Token > based authentication (sometimes called Bearer Token.) > > OAuth did a nice break down for AngularJS and security, you can read that here > > Best of luck. > > Dom > >> On 2 Sep 2014 03:26, "Brian Demers" <[email protected]> wrote: >> You could use BASIC auth (and check for a cookie) >> >> -Brian >> >>> On Sep 1, 2014, at 11:03 AM, Anant Rao <[email protected]> wrote: >>> >>> Hi, >>> >>> I am a backend developer. Using Shiro, I implemented a form-based >>> authenticator with SHA256 salted password hasher. All of this works great. >>> Now, the front-end developer says he is using angularJS and he's unable to >>> mix form-based auth with the rest of his stuff and asked me to figure out >>> if I can support AJAX based thing for Auth also. >>> >>> I'm not familiar with the front-end technologies. Could you help me >>> understand if Shiro supports such AJAX-based authentication. >>> Thanks! >>> Anant
