Re: Similar Shiro Problem. Help please...!

[Bengt Rodehav <be...@rodehav.com>]

Hello Marlon,

It worked without any problems from what I can remember. I created the
CorsBasicHttpAuthenticationFilter
class and edited my shiro.ini to make sure that it is used. If you never
get into you custom authentication filter's isAccessAllowed method than
there must be a configuration problem. Did you edit your shiro.ini?

I added the shiro user list to this reply since it might be of interest to
others.

/Bengt



2013/6/15 Marlon Chavarria <ma...@tevixmd.com>

>
> http://mail-archives.apache.org/mod_mbox/shiro-user/201304.mbox/%3CCAJ0TPG+VmKcs86jMdEaQuSryrd-OyDrxxH0N0VsiBkEa=e4HQw@mail.gmail.com%3E
>
> Hi, I have a similar problem, I'm trying to use shiro in a cometd web app,
> but, when the browser tries to do a OPTIONS http method, I am getting a 302
> and redirected to login page.
>
> I do what you did, but when I put a breakpoint on the httpMethod
> validation the code is never executed, I allways received get or post
> methods.
>
> Did you see something similar?
>

Re: Similar Shiro Problem. Help please...!

[Nagaraju Kurma <na...@enhancesys.com>]

thanks for the communication.

sorry, i have now where created my own authentication filter, i am using
that built in shiro authentication filter called
FormAuthenticationFilter.... observe my code please once


<bean id="shiroFilter"
class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<property name="loginUrl" value="/main/user/performs/login" />
<property name="successUrl"
value="redirect:/main/welcome1?cat=customermanagement.customersummary" />
<property name="unauthorizedUrl" value="/main/admin/unauthorized" />
<property name="filters">
<util:map>
<entry key="logout">
<bean class="org.apache.shiro.web.filter.authc.LogoutFilter">
<property name="redirectUrl" value="/main/user/performs/login"></property>
</bean>
</entry>
<entry key="authc">
<bean
class="org.apache.shiro.web.filter.authc.FormAuthenticationFilter"></bean>
</entry>
</util:map>
</property>
<property name="filterChainDefinitions">
<value>
/main/user/performs/logout = logout
/** = authc
</value>
</

here this "authc" is the form authentication filter, as we know that under
shiroFilter (org.apache.shiro.spring.web.ShiroFilterFactoryBean) whatever
the configuration we have given like properties loginUrl, successUrl,
unauthorizedurl will be applicable for all the filters configured, bulitin
in the property of filters like authc, anon, logout...........etc filters.

here FormAuthenticaation(built-in) filter is using the property of loginUrl
and performing the authentication no issues... but coming to  successUrl,
unauthorizedurl properties are no where getting utilized by the
FormAuthenticationFilter. i am wondering here as some properties are used
remoaining not used.

now pls understand my code and situation please reply, any reply,help is
appreciated..

thanking u very much :)





On Mon, Jun 17, 2013 at 2:39 AM, Bengt Rodehav <be...@rodehav.com> wrote:

> Sorry, I'm no Shiro expert I just wanted to remind you that it's not
> enough to create your own authentication filter - you also have to
> configure Shiro to use it.
>
> /Bengt
>
>
> 2013/6/16 Nagaraju Kurma <na...@enhancesys.com>
>
>> actually in my project no where we are using shiro.ini file... becoz the
>> user list and roles, permission everything we are using to store in elastic
>> search....
>> but i dont understand why shiroFilter (ShiroFilterFactoryBean) uses only
>> loginUrl but nor successUrl and unauthenticatedurl. pls help me if u know..
>> thanks in adv for any assistance.:)
>>
>>
>


-- 

Regards,****

Nagaraju.

Re: Similar Shiro Problem. Help please...!

[Bengt Rodehav <be...@rodehav.com>]

Sorry, I'm no Shiro expert I just wanted to remind you that it's not enough
to create your own authentication filter - you also have to configure Shiro
to use it.

/Bengt


2013/6/16 Nagaraju Kurma <na...@enhancesys.com>

> actually in my project no where we are using shiro.ini file... becoz the
> user list and roles, permission everything we are using to store in elastic
> search....
> but i dont understand why shiroFilter (ShiroFilterFactoryBean) uses only
> loginUrl but nor successUrl and unauthenticatedurl. pls help me if u know..
> thanks in adv for any assistance.:)
>
>

Re: Similar Shiro Problem. Help please...!

[Nagaraju Kurma <na...@enhancesys.com>]

actually in my project no where we are using shiro.ini file... becoz the
user list and roles, permission everything we are using to store in elastic
search....
but i dont understand why shiroFilter (ShiroFilterFactoryBean) uses only
loginUrl but nor successUrl and unauthenticatedurl. pls help me if u know..
thanks in adv for any assistance.:)