You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by "jim.piersol@gmail.com" <ji...@gmail.com> on 2016/07/11 20:24:50 UTC
Basic Digest Auth with Shiro
I am needing to implement Basic Digest Auth with Shiro. I have a JS
webapplication talking to a REST interface.
I was able to find an implementation of Basic Digest on github
https://github.com/afs/http-digest-auth
I have this code in place in my app, but I am having 1 final issue I cannot
seem to get around. When trying to go to the root of my app, i.e.
http://myHost/MyApp After I authenticate, I am not redirected to the
index.html file. Instead my Browser shows a URL like so:
http://myHost/MyApp/;jsessionid=F65014F16076B0320B1425927FC8210B and an
empty page is displayed...
If I cut off the jsessionid piece, and add /index.html to the URL, then I
get to the file correctly.
There is no tech support for the BasicDigest code, so I am posting here
hoping someone might be able to point me in the right direction. For what
its worth, BASIC auth "authcBasic" works perfect.
My Shiro ini looks like this:
##################################################
#-----------
# Main
# ----------
[main]
myRealm = auth.MyCustomRealm
cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $cacheManager
securityManager.realms = $myRealm
authc.successUrl = /index.html
## Filter For HTTP digest authentication
authcDigest= org.seaborne.auth.shiro.DigestHttpIniPassword
#
-----------------------------------------------------------------------------
# URLS - followed by Filter Chains.
#
-----------------------------------------------------------------------------
[urls]
/** = authcDigest
################################################
Looking for any hints or ideas.
Thanks.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Basic-Digest-Auth-with-Shiro-tp7581116.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Basic Digest Auth with Shiro
Posted by Lenny Primak <lp...@hope.nyc.ny.us>.
Oh, I am unfamiliar with that one. Debugger is your friend I guess.
Sorry.
> On Jul 11, 2016, at 3:46 PM, jim.piersol@gmail.com wrote:
>
> Yes, I am not denying that :-) Im am just looking for ideas to investigate
> though. When I change from my BasicDigest filter "authcDigest" to
> "authcBasic", then everything redirects fine. I don't think it is a shiro
> issue, but rather something in the org.seaborn implementation for Basic
> Digest. Was hoping to find someone with possible some experience with that
> implementation.
>
>
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Basic-Digest-Auth-with-Shiro-tp7581116p7581118.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
Re: Basic Digest Auth with Shiro
Posted by "jim.piersol@gmail.com" <ji...@gmail.com>.
Yes, I am not denying that :-) Im am just looking for ideas to investigate
though. When I change from my BasicDigest filter "authcDigest" to
"authcBasic", then everything redirects fine. I don't think it is a shiro
issue, but rather something in the org.seaborn implementation for Basic
Digest. Was hoping to find someone with possible some experience with that
implementation.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Basic-Digest-Auth-with-Shiro-tp7581116p7581118.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Basic Digest Auth with Shiro
Posted by Lenny Primak <lp...@hope.nyc.ny.us>.
That’s normal behavior. After authentication, by default Shiro will re-direct
to the last known URL (which is http://myHost/MyApp ) in your case.
There is something unrelated going on in your app.
The “;jsessionid=xxx” comes from Servlet container and not Shiro, and will not change any behavior.
> On Jul 11, 2016, at 3:24 PM, jim.piersol@gmail.com wrote:
>
> I am needing to implement Basic Digest Auth with Shiro. I have a JS
> webapplication talking to a REST interface.
>
> I was able to find an implementation of Basic Digest on github
> https://github.com/afs/http-digest-auth
>
> I have this code in place in my app, but I am having 1 final issue I cannot
> seem to get around. When trying to go to the root of my app, i.e.
> http://myHost/MyApp After I authenticate, I am not redirected to the
> index.html file. Instead my Browser shows a URL like so:
> http://myHost/MyApp/;jsessionid=F65014F16076B0320B1425927FC8210B and an
> empty page is displayed...
>
> If I cut off the jsessionid piece, and add /index.html to the URL, then I
> get to the file correctly.
>
> There is no tech support for the BasicDigest code, so I am posting here
> hoping someone might be able to point me in the right direction. For what
> its worth, BASIC auth "authcBasic" works perfect.
>
> My Shiro ini looks like this:
> ##################################################
> #-----------
> # Main
> # ----------
> [main]
> myRealm = auth.MyCustomRealm
> cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
> securityManager.cacheManager = $cacheManager
> securityManager.realms = $myRealm
> authc.successUrl = /index.html
>
> ## Filter For HTTP digest authentication
> authcDigest= org.seaborne.auth.shiro.DigestHttpIniPassword
>
> #
> -----------------------------------------------------------------------------
> # URLS - followed by Filter Chains.
> #
> -----------------------------------------------------------------------------
> [urls]
> /** = authcDigest
>
> ################################################
>
> Looking for any hints or ideas.
>
> Thanks.
>
>
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Basic-Digest-Auth-with-Shiro-tp7581116.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
Re: Basic Digest Auth with Shiro
Posted by scSynergy <ro...@scsynergy.de>.
The following screenshot shows what Firefox logs when doing Basic
Authentication with Shiro and I am convinced Chrome does not / should not
filter out any related packages. Digest Authentication and Basic
Authentication work almost identically so if Chrome does not log that 401
HTTP response, then I would assume it never was sent by your server.
screen1.png
<http://shiro-user.582556.n2.nabble.com/file/n7581123/screen1.png>
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Basic-Digest-Auth-with-Shiro-tp7581116p7581123.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Basic Digest Auth with Shiro
Posted by "jim.piersol@gmail.com" <ji...@gmail.com>.
Yes, I have welcome-file configured as well. I am speculating this has
something to do with the dual requests that are sent when doing Basic Digest
Auth but I haven't been able to confirm yet. Is there a way using the
developers Console (Chrome) to see ALL the requests? Seems that it is
filtering out the initial AUTH calls. I might need to be using wireshark.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Basic-Digest-Auth-with-Shiro-tp7581116p7581122.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Basic Digest Auth with Shiro
Posted by Kalle Korhonen <ka...@gmail.com>.
Are you sure you want redirection? Or perhaps you just want to configure
your container's welcome file list in web.xml, like so:
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
Kalle
On Mon, Jul 11, 2016 at 1:24 PM, jim.piersol@gmail.com <
jim.piersol@gmail.com> wrote:
> I am needing to implement Basic Digest Auth with Shiro. I have a JS
> webapplication talking to a REST interface.
>
> I was able to find an implementation of Basic Digest on github
> https://github.com/afs/http-digest-auth
>
> I have this code in place in my app, but I am having 1 final issue I cannot
> seem to get around. When trying to go to the root of my app, i.e.
> http://myHost/MyApp After I authenticate, I am not redirected to the
> index.html file. Instead my Browser shows a URL like so:
> http://myHost/MyApp/;jsessionid=F65014F16076B0320B1425927FC8210B and an
> empty page is displayed...
>
> If I cut off the jsessionid piece, and add /index.html to the URL, then I
> get to the file correctly.
>
> There is no tech support for the BasicDigest code, so I am posting here
> hoping someone might be able to point me in the right direction. For what
> its worth, BASIC auth "authcBasic" works perfect.
>
> My Shiro ini looks like this:
> ##################################################
> #-----------
> # Main
> # ----------
> [main]
> myRealm = auth.MyCustomRealm
> cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
> securityManager.cacheManager = $cacheManager
> securityManager.realms = $myRealm
> authc.successUrl = /index.html
>
> ## Filter For HTTP digest authentication
> authcDigest= org.seaborne.auth.shiro.DigestHttpIniPassword
>
> #
>
> -----------------------------------------------------------------------------
> # URLS - followed by Filter Chains.
> #
>
> -----------------------------------------------------------------------------
> [urls]
> /** = authcDigest
>
> ################################################
>
> Looking for any hints or ideas.
>
> Thanks.
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/Basic-Digest-Auth-with-Shiro-tp7581116.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>