Fair enough; But I would not recommend that approach.
On 2 September 2014 13:30, Brian Demers <[email protected]> wrote: > My point was more the fact that you could use basic auth, and drop a > cookie for the following requests. (Basically just replacing the form login) > > > > -Brian > > On Sep 2, 2014, at 3:17 AM, Dominic Farr <[email protected]> wrote: > > Not sure that makes sense. Basic authentication uses HTTP Headers, not > cookies. See Here > <http://en.wikipedia.org/wiki/Basic_access_authentication> > > Yes, Shiro can handle security for ajax stacks like AngularJS, but it all > depends on your security requirements; Basic, Session based cookies, > or Token based authentication (sometimes called Bearer Token.) > > OAuth did a nice break down for AngularJS and security, you can read that > here > <https://auth0.com/blog/2014/01/07/angularjs-authentication-with-cookies-vs-token/> > > Best of luck. > > Dom > On 2 Sep 2014 03:26, "Brian Demers" <[email protected]> wrote: > >> You could use BASIC auth (and check for a cookie) >> >> -Brian >> >> On Sep 1, 2014, at 11:03 AM, Anant Rao <[email protected]> wrote: >> >> Hi, >> >> I am a backend developer. Using Shiro, I implemented a form-based >> authenticator with SHA256 salted password hasher. All of this works great. >> Now, the front-end developer says he is using angularJS and he's unable >> to mix form-based auth with the rest of his stuff and asked me to figure >> out if I can support AJAX based thing for Auth also. >> >> I'm not familiar with the front-end technologies. Could you help me >> understand if Shiro supports such AJAX-based authentication. >> Thanks! >> Anant >> >> >>
