You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by Les Hazlewood <lh...@apache.org> on 2011/01/05 03:41:44 UTC
Re: use PropertiesRealm
Hello,
The PropertiesRealm is really old and hasn't been maintained in a while.
I highly recommend using the IniRealm instead, which allows you to do
everything that the Properties realm allowed, but is even easier to
read and/or organize since you break up the user and role definitions
into their own ini sections. For example:
[users]
root=root,administrator
jerry=jerry,manager,teller
jack=jack,contractor
Much nicer than having to prefix each line with 'user.' or 'role.' IMO.
And in Spring XML:
<bean id="iniRealm" class="org.apache.shiro.realm.text.IniRealm">
<property name="resourcePath" value="classpath:shiro.ini"/>
</bean>
HTH,
--
Les Hazlewood
Founder, Katasoft, Inc.
Application Security Products & Professional Apache Shiro Support and Training:
http://www.katasoft.com
On Sat, Dec 25, 2010 at 12:26 PM, acec acec <to...@yahoo.ca> wrote:
> Hi, all
> I try to use PropertiesRealm, but I always got "invalid username or password" error.
>
> The following is my shiro-users.properties and applicationContext-shiro.xml
>
> ===============shiro-users.properties============
> user.root=root,administrator
> user.jerry=jerry,manager,teller
> user.jack=jack,contractor
>
> ====================applicationContext-shiro.xml===============
> <?xml version="1.0" encoding="UTF-8"?>
> <beans xmlns="http://www.springframework.org/schema/beans"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:p="http://www.springframework.org/schema/p"
> xmlns:util="http://www.springframework.org/schema/util"
>
> xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
> http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd">
>
> <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
>
> <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"
> p:securityManager-ref="securityManager"
> p:loginUrl="/login.html">
> <property name="filters">
> <util:map>
> <entry key="authc">
> <bean class="org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter"/>
> </entry>
> </util:map>
> </property>
> <property name="filterChainDefinitions">
> <value>
> /admin/** = authc, roles[admin]
> /teller/** = authc, roles[teller]
> /** = authc
> </value>
> </property>
> </bean>
>
> <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"
> p:realm-ref="propertiesRealm"/>
>
> <bean id="propertiesRealm" class="org.apache.shiro.realm.text.PropertiesRealm"/>
>
> </beans>
Re: use PropertiesRealm
Posted by acec acec <to...@yahoo.ca>.
After I read the code of IniRealm class, I changed my spring been as:
<bean name="iniRealm" class="org.apache.shiro.realm.text.IniRealm">
<constructor-arg type="java.lang.String" value="classpath:shiro.ini"/>
</bean>
Then it works fine.
--- On Thu, 1/6/11, acec acec <to...@yahoo.ca> wrote:
> From: acec acec <to...@yahoo.ca>
> Subject: Re: use PropertiesRealm
> To: user@shiro.apache.org
> Received: Thursday, January 6, 2011, 11:37 AM
> Hi, Les Hazlewood
> Thanks for your help.
> I tried IniRealm, it does not work. My login page just show
> "Invalid username or password.." error message.
> -------------------shiro.ini------------------------------------------
> [users]
> root=root,admin
>
> [roles]
> admin=*
>
> ---------applicationContext-shiro.xml---------------------------------
> <?xml version="1.0" encoding="UTF-8"?>
> <beans xmlns="http://www.springframework.org/schema/beans"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:p="http://www.springframework.org/schema/p"
> xmlns:util="http://www.springframework.org/schema/util"
>
> xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
> http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd">
>
> <bean id="lifecycleBeanPostProcessor"
> class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
>
> <bean id="shiroFilter"
> class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"
>
> p:securityManager-ref="securityManager"
>
> p:loginUrl="/login.html">
> <property
> name="filters">
> <util:map>
>
> <entry key="authc">
>
> <bean
> class="org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter"/>
>
> </entry>
>
> </util:map>
> </property>
> <property
> name="filterChainDefinitions">
>
> <value>
>
> /admin/** = authc, roles[admin]
>
> /teller/** = authc, roles[teller]
>
> /** = authc
>
> </value>
> </property>
> </bean>
>
> <bean id="securityManager"
> class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"
>
> p:realm-ref="iniRealm"/>
>
> <bean id="iniRealm"
> class="org.apache.shiro.realm.text.IniRealm"
>
> p:resourcePath="classpath:shiro.ini"/>
>
> </beans>
> -------------------------------------------------------------
> --- On Tue, 1/4/11, Les Hazlewood <lh...@apache.org>
> wrote:
>
> > From: Les Hazlewood <lh...@apache.org>
> > Subject: Re: use PropertiesRealm
> > To: user@shiro.apache.org
> > Received: Tuesday, January 4, 2011, 9:41 PM
> > Hello,
> >
> > The PropertiesRealm is really old and hasn't been
> > maintained in a while.
> >
> > I highly recommend using the IniRealm instead, which
> allows
> > you to do
> > everything that the Properties realm allowed, but is
> even
> > easier to
> > read and/or organize since you break up the user and
> role
> > definitions
> > into their own ini sections. For example:
> >
> > [users]
> > root=root,administrator
> > jerry=jerry,manager,teller
> > jack=jack,contractor
> >
> > Much nicer than having to prefix each line with
> 'user.' or
> > 'role.' IMO.
> >
> > And in Spring XML:
> >
> > <bean id="iniRealm"
> > class="org.apache.shiro.realm.text.IniRealm">
> > <property name="resourcePath"
> > value="classpath:shiro.ini"/>
> > </bean>
> >
> > HTH,
> >
> > --
> > Les Hazlewood
> > Founder, Katasoft, Inc.
> > Application Security Products & Professional
> Apache
> > Shiro Support and Training:
> > http://www.katasoft.com
> >
> > On Sat, Dec 25, 2010 at 12:26 PM, acec acec <to...@yahoo.ca>
> > wrote:
> > > Hi, all
> > > I try to use PropertiesRealm, but I always got
> > "invalid username or password" error.
> > >
> > > The following is my shiro-users.properties and
> > applicationContext-shiro.xml
> > >
> > >
> ===============shiro-users.properties============
> > > user.root=root,administrator
> > > user.jerry=jerry,manager,teller
> > > user.jack=jack,contractor
> > >
> > >
> >
> ====================applicationContext-shiro.xml===============
> > > <?xml version="1.0" encoding="UTF-8"?>
> > > <beans xmlns="http://www.springframework.org/schema/beans"
> > > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> > > xmlns:p="http://www.springframework.org/schema/p"
> > > xmlns:util="http://www.springframework.org/schema/util"
> > >
> > > xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
> > > http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd">
> > >
> > > <bean
> id="lifecycleBeanPostProcessor"
> >
> class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
> > >
> > > <bean id="shiroFilter"
> >
> class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"
> > >
> > p:securityManager-ref="securityManager"
> > >
> p:loginUrl="/login.html">
> > > <property
> > name="filters">
> > > <util:map>
> > > <entry key="authc">
> > > <bean
> >
> class="org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter"/>
> > > </entry>
> > >
> </util:map>
> > > </property>
> > > <property
> > name="filterChainDefinitions">
> > > <value>
> > > /admin/** = authc,
> > roles[admin]
> > > /teller/** = authc,
> > roles[teller]
> > > /** = authc
> > > </value>
> > > </property>
> > > </bean>
> > >
> > > <bean id="securityManager"
> >
> class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"
> > >
> > p:realm-ref="propertiesRealm"/>
> > >
> > > <bean id="propertiesRealm"
> >
> class="org.apache.shiro.realm.text.PropertiesRealm"/>
> > >
> > > </beans>
> >
>
>
>
Re: use PropertiesRealm
Posted by acec acec <to...@yahoo.ca>.
Hi, Les Hazlewood
Thanks for your help.
I tried IniRealm, it does not work. My login page just show "Invalid username or password.." error message.
-------------------shiro.ini------------------------------------------
[users]
root=root,admin
[roles]
admin=*
---------applicationContext-shiro.xml---------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd">
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"
p:securityManager-ref="securityManager"
p:loginUrl="/login.html">
<property name="filters">
<util:map>
<entry key="authc">
<bean class="org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter"/>
</entry>
</util:map>
</property>
<property name="filterChainDefinitions">
<value>
/admin/** = authc, roles[admin]
/teller/** = authc, roles[teller]
/** = authc
</value>
</property>
</bean>
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"
p:realm-ref="iniRealm"/>
<bean id="iniRealm" class="org.apache.shiro.realm.text.IniRealm"
p:resourcePath="classpath:shiro.ini"/>
</beans>
-------------------------------------------------------------
--- On Tue, 1/4/11, Les Hazlewood <lh...@apache.org> wrote:
> From: Les Hazlewood <lh...@apache.org>
> Subject: Re: use PropertiesRealm
> To: user@shiro.apache.org
> Received: Tuesday, January 4, 2011, 9:41 PM
> Hello,
>
> The PropertiesRealm is really old and hasn't been
> maintained in a while.
>
> I highly recommend using the IniRealm instead, which allows
> you to do
> everything that the Properties realm allowed, but is even
> easier to
> read and/or organize since you break up the user and role
> definitions
> into their own ini sections. For example:
>
> [users]
> root=root,administrator
> jerry=jerry,manager,teller
> jack=jack,contractor
>
> Much nicer than having to prefix each line with 'user.' or
> 'role.' IMO.
>
> And in Spring XML:
>
> <bean id="iniRealm"
> class="org.apache.shiro.realm.text.IniRealm">
> <property name="resourcePath"
> value="classpath:shiro.ini"/>
> </bean>
>
> HTH,
>
> --
> Les Hazlewood
> Founder, Katasoft, Inc.
> Application Security Products & Professional Apache
> Shiro Support and Training:
> http://www.katasoft.com
>
> On Sat, Dec 25, 2010 at 12:26 PM, acec acec <to...@yahoo.ca>
> wrote:
> > Hi, all
> > I try to use PropertiesRealm, but I always got
> "invalid username or password" error.
> >
> > The following is my shiro-users.properties and
> applicationContext-shiro.xml
> >
> > ===============shiro-users.properties============
> > user.root=root,administrator
> > user.jerry=jerry,manager,teller
> > user.jack=jack,contractor
> >
> >
> ====================applicationContext-shiro.xml===============
> > <?xml version="1.0" encoding="UTF-8"?>
> > <beans xmlns="http://www.springframework.org/schema/beans"
> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> > xmlns:p="http://www.springframework.org/schema/p"
> > xmlns:util="http://www.springframework.org/schema/util"
> >
> > xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
> > http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd">
> >
> > <bean id="lifecycleBeanPostProcessor"
> class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
> >
> > <bean id="shiroFilter"
> class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"
> >
> p:securityManager-ref="securityManager"
> > p:loginUrl="/login.html">
> > <property
> name="filters">
> > <util:map>
> > <entry key="authc">
> > <bean
> class="org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter"/>
> > </entry>
> > </util:map>
> > </property>
> > <property
> name="filterChainDefinitions">
> > <value>
> > /admin/** = authc,
> roles[admin]
> > /teller/** = authc,
> roles[teller]
> > /** = authc
> > </value>
> > </property>
> > </bean>
> >
> > <bean id="securityManager"
> class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"
> >
> p:realm-ref="propertiesRealm"/>
> >
> > <bean id="propertiesRealm"
> class="org.apache.shiro.realm.text.PropertiesRealm"/>
> >
> > </beans>
>