You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by melvyndekort <me...@mdekort.nl> on 2012/06/03 17:55:19 UTC
Re: Shiro in CDI/JPA2/JSF2 project
I've created an extended EnvironmentLoaderListener.
But I see now when I try to login that my securityManger has no realms
available.
Do you know if my securityManager could be overwritten somewhere?
public class CdiEnvironmentLoaderListener extends EnvironmentLoaderListener
{
@Inject
JpaRealm jpaRealm;
@Override
protected WebEnvironment createEnvironment(ServletContext sc) {
WebEnvironment environment = super.createEnvironment(sc);
RealmSecurityManager rsm = (RealmSecurityManager)
environment.getSecurityManager();
HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
matcher.setHashAlgorithmName(Sha256Hash.ALGORITHM_NAME);
jpaRealm.setCredentialsMatcher(matcher);
rsm.setRealm(jpaRealm);
((DefaultWebEnvironment) environment).setSecurityManager(rsm);
return environment;
}
}
atomicknight wrote
>
> You can't use the built-in EnvironmentLoaderListener because it doesn't
> use
> injection to build the Environment. However, you should be able to extend
> it and override #createEnvironment(ServletContext) to use an injected
> CdiWebEnvironment instance:
>
> public class CdiEnvironmentLoaderListener extends
> EnvironmentLoaderListener
> {
> @Inject
> private CdiWebEnvironment environment;
>
> protected WebEnvironment createEnvironment(ServletContext sc) {
> // Do your initialization here
> return environment;
> }
> }
>
> I haven't actually tried this because I ended up writing my own
> version of EnvironmentLoaderListener,
> but this should work.
>
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-in-CDI-JPA2-JSF2-project-tp7577437p7577461.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro in CDI/JPA2/JSF2 project
Posted by melvyndekort <me...@mdekort.nl>.
Hi,
It's difficult to see what you did without some code.
I've made a simple example of my code and put it on Dropbox.
You can download it here:
http://dl.dropbox.com/u/6753023/shiro_cdi_example.tar.gz
Greetz,
Melvyn
On Tue, Dec 11, 2012 at 5:46 AM, vinnywm [via Shiro User] <
ml-node+s582556n7578034h81@n2.nabble.com> wrote:
> I'm going through the same problem. I've done all the changes recommended
> here but nothing work.
>
> The error that is thrown is: (says it is not a required type of
> WebEnvironment)
>
> WARNING: java.lang.IllegalStateException: ContainerBase.addChild: start:
> org.apache.catalina.LifecycleException:
> org.apache.shiro.config.ConfigurationException: Custom WebEnvironment class
> [br.com.webbiz.saga.control.listener.CdiEnvironmentListener] is not of
> required type [org.apache.shiro.web.env.WebEnvironment]
> java.lang.IllegalStateException: ContainerBase.addChild: start:
> org.apache.catalina.LifecycleException:
> org.apache.shiro.config.ConfigurationException: Custom WebEnvironment class
> [br.com.webbiz.saga.control.listener.CdiEnvironmentListener] is not of
> required type [org.apache.shiro.web.env.WebEnvironment]
>
> What do I do?
>
> ------------------------------
> If you reply to this email, your message will be added to the discussion
> below:
>
> http://shiro-user.582556.n2.nabble.com/Shiro-in-CDI-JPA2-JSF2-project-tp7577437p7578034.html
> To unsubscribe from Shiro in CDI/JPA2/JSF2 project, click here<http://shiro-user.582556.n2.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=7577437&code=bWVsdnluQG1kZWtvcnQubmx8NzU3NzQzN3w4NzA5MDUzNzE=>
> .
> NAML<http://shiro-user.582556.n2.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-in-CDI-JPA2-JSF2-project-tp7577437p7578039.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro in CDI/JPA2/JSF2 project
Posted by sh...@xoxy.net.
Sounds like the scenario described here:
https://issues.apache.org/jira/browse/OWB-481
Try adding some logging/print statements to see if the two
ServletContextListeners are being initialized in the expected order. If
not, it looks like you'll need to manually bootstrap OpenWebBeans.
Re: Shiro in CDI/JPA2/JSF2 project
Posted by reinisv <sh...@orbit-x.de>.
Despite the code from Melvyn (thanks man!) and tip from atomicknight
(cheers!) in this thread:
http://shiro-user.582556.n2.nabble.com/Realm-can-not-be-managed-by-CDI-td7502061.html
I still can't manage to make it work :-/
I assume this is caused by my CDI implementation framework (OpenWebbeans)
and the way I am bootstrapping the IoC container.
What happens is that in my customized EnvironmentLoaderListener the injected
Realm is null. I attempted to inject some of my beans and debugging showed
that injection is not working at all.
I know this is only indirectly related to shiro, but still could be useful
for anyone who will attempt to enable OWB CDI in shiro.
So my question is this - based on web.xml, is the issue that OWB is also
bootstrapping through ServletContextListerner? Or are there some other
obvious errors that would cause IoC not to work in my customized
EnvironmentLoaderListener?
web.xml
-----------------------------
<listener>
<listener-class>org.apache.webbeans.servlet.WebBeansConfigurationListener</listener-class>
</listener>
<listener>
<listener-class>myco.web.filter.CdiWebEnvironmentLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.apache.myfaces.webapp.StartupServletContextListener</listener-class>
</listener>
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>org.apache.myfaces.webapp.MyFacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
--------------------------------------
Thank you for your help
Reinis
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-in-CDI-JPA2-JSF2-project-tp7577437p7577848.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro in CDI/JPA2/JSF2 project
Posted by melvyndekort <me...@mdekort.nl>.
I've been doing some debugging and I found the cause.
Instead of configuring the ShiroFilter in my web.xml I had the
*Ini*ShiroFilter configured.
The IniShiroFilter creates a new SecurityManager from the ini file.
This new SecurityManager didn't know about the realm I've added in my
EnvironmentLoader, so it didn't have any realms.
I replaced it with the ShiroFilter in my web.xml and all seems to be working
now with my CdiEnvironmentLoaderListener.
Thank you for your help atomicknight!
If anybody with the same issues wants a sample of my configuration, just
mail me.
atomicknight wrote
>
> Nothing looks obviously wrong to me - I'm fairly certain that the
> SecurityManager should not be overwritten by any other systems. Have you
> checked your server logs for exceptions or error messages? It may also be
> helpful to attach a debugger to see if the initialization is actually
> occurring as you'd expect.
>
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-in-CDI-JPA2-JSF2-project-tp7577437p7577466.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro in CDI/JPA2/JSF2 project
Posted by sh...@xoxy.net.
Nothing looks obviously wrong to me - I'm fairly certain that the
SecurityManager should not be overwritten by any other systems. Have you
checked your server logs for exceptions or error messages? It may also be
helpful to attach a debugger to see if the initialization is actually
occurring as you'd expect.
On Sun, Jun 3, 2012 at 11:55 AM, melvyndekort - melvyn@mdekort.nl wrote:
> I've created an extended EnvironmentLoaderListener.
> But I see now when I try to login that my securityManger has no realms
> available.
> Do you know if my securityManager could be overwritten somewhere?
>
> public class CdiEnvironmentLoaderListener extends EnvironmentLoaderListener
> {
> @Inject
> JpaRealm jpaRealm;
>
> @Override
> protected WebEnvironment createEnvironment(ServletContext sc) {
> WebEnvironment environment = super.createEnvironment(sc);
>
> RealmSecurityManager rsm = (RealmSecurityManager)
> environment.getSecurityManager();
>
> HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
> matcher.setHashAlgorithmName(Sha256Hash.ALGORITHM_NAME);
>
> jpaRealm.setCredentialsMatcher(matcher);
>
> rsm.setRealm(jpaRealm);
>
> ((DefaultWebEnvironment) environment).setSecurityManager(rsm);
>
> return environment;
> }
> }
>
>
> atomicknight wrote
> >
> > You can't use the built-in EnvironmentLoaderListener because it doesn't
> > use
> > injection to build the Environment. However, you should be able to extend
> > it and override #createEnvironment(ServletContext) to use an injected
> > CdiWebEnvironment instance:
> >
> > public class CdiEnvironmentLoaderListener extends
> > EnvironmentLoaderListener
> > {
> > @Inject
> > private CdiWebEnvironment environment;
> >
> > protected WebEnvironment createEnvironment(ServletContext sc) {
> > // Do your initialization here
> > return environment;
> > }
> > }
> >
> > I haven't actually tried this because I ended up writing my own
> > version of EnvironmentLoaderListener,
> > but this should work.
> >
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/Shiro-in-CDI-JPA2-JSF2-project-tp7577437p7577461.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
>