You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by Ben <be...@autonomic.net> on 2009/02/22 13:29:53 UTC
Integrating JSecurity with Wowza Streaming Media Server
Hi!
I was hoping to integrate JSecurity with Wowza (RTMP(T/S) based protocol
streaming media server) and ran into a small issue
(http://www.jsecurity.org/node/1078#comment-278).
Wowza assigns a fresh thread for each method call from a Thread Pool.
This means that JSecurity looses it's Subject as it likes to store it in
the local Thread.
My tentative solution is to create a WowzaSubjectContainer (WSC)
singleton which stores the Subject's in a HashMap whose key is the
unique ClientId provided by Wowza with each method call.
*Before* any JSecurity methods are invoked (e.g. Annotations) I call an
"associateSubjectWithThread()" method which (if necessary) fetches the
Subject from the WSC and places it on the local thread as JSecurity expects.
*After* the method has run, on the last line, I call a
"disassociateSubjectWithThread()" method, which either simply removes
the Subject from the local Thread and/or removes it from the WSC if the
Subject has been logged out.
I've quickly written up this first attempt here :
http://www.willamaze.eu/?p=357
In my quick and dirty test cases, it seems to work well. If the more
experienced members of this list can warn me about any potential
problems, or give tips about how this scheme could be improved, I'd be
very grateful.
It does actually seem that this is a good candidate for creating another
AOP Annotation (maybe @JSecurityThreadPool) to automatically top and
tail these incoming Wowza ModuleBase methods... It would be great to get
a tip about how to start going about that too!
Many thanks,
Ben