You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shiro.apache.org by bd...@apache.org on 2016/09/21 13:31:35 UTC
svn commit: r1761734 - /shiro/site/publish/webapp-tutorial.html
Author: bdemers
Date: Wed Sep 21 13:31:35 2016
New Revision: 1761734
URL: http://svn.apache.org/viewvc?rev=1761734&view=rev
Log:
minor update to web tutorial
Modified:
shiro/site/publish/webapp-tutorial.html
Modified: shiro/site/publish/webapp-tutorial.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/webapp-tutorial.html?rev=1761734&r1=1761733&r2=1761734&view=diff
==============================================================================
--- shiro/site/publish/webapp-tutorial.html (original)
+++ shiro/site/publish/webapp-tutorial.html Wed Sep 21 13:31:35 2016
@@ -207,8 +207,9 @@ securityManager.cacheManager = $cacheMan
</code></pre></li>
<li><p>Also change the file permissions to ensure only you can read this file. For example, on *nix operating systems:</p>
<pre><code>$ chmod go-rwx $HOME/.stormpath/apiKey.properties
+$ chmod u-w $HOME/.stormpath/apiKey.properties
</code></pre></li>
-</ol><h4>Retrieve the default Stormpath Application</h4><p>When you signed up for Stormpath, an empty application was automatically created for you. It’s called: <code>My Application</code>.</p><p>We have to register our web application with Stormpath to allow the app to use Stormpath for user management and authentication. In order to register our web application with the <code>My Application</code> Stormpath application, we need to know some information. Fortunately, we can retrieve this information using the Stormpath API.</p><p>First, we need the location of your tenant from Stormpath. Here’s how you get that:</p>
+</ol><p>On Windows, you can <a href="http://msdn.microsoft.com/en-us/library/bb727008.aspx">set file permissions similarly</a>.</p><h4>Retrieve the default Stormpath Application</h4><p>When you signed up for Stormpath, an empty application was automatically created for you. It’s called: <code>My Application</code>.</p><p>We have to register our web application with Stormpath to allow the app to use Stormpath for user management and authentication. In order to register our web application with the <code>My Application</code> Stormpath application, we need to know some information. Fortunately, we can retrieve this information using the Stormpath API.</p><p>First, we need the location of your tenant from Stormpath. Here’s how you get that:</p>
<pre><code>curl -i --user $YOUR_API_KEY_ID:$YOUR_API_KEY_SECRET \
'https://api.stormpath.com/v1/tenants/current'
</code></pre><p>where:</p>
@@ -246,7 +247,7 @@ Connection: keep-alive
...
}
</code></pre><p>Make note of your top-level <code>href</code> from above - we will use this href in the <code>shiro.ini</code> configuration next.</p><h4>Create an application test user account</h4><p>Now that we have an application, we’ll want to create a sample/test user for that application:</p>
-<pre><code>curl -X POST --user $YOUR_API_KEY_ID:$YOUR_API_KEY_SECRET \
+<pre><code>curl --request POST --user $YOUR_API_KEY_ID:$YOUR_API_KEY_SECRET \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-d '{
@@ -262,27 +263,29 @@ Connection: keep-alive
<li>$YOUR_API_KEY_ID is the apiKey.id value in apiKey.properties and</li>
<li>$YOUR_API_KEY_SECRET is the apiKey.secret value in apiKey.properties</li>
<li>$YOUR_APPLICATION_HREF is the application <code>href</code> you made note of above</li>
-</ul><p>Again, don’t forget to change <code>$YOUR_APPLICATION_ID</code> in the URL above to match your application’s ID!</p><h3>2b: Configure the Realm in <code>shiro.ini</code></h3><p>Once you choose at least one user store to connect to for Shiro’s needs, we’ll need to configure a <code>Realm</code> that represents that data store and then tell the Shiro <code>SecurityManager</code> about it.</p><p>If you’ve checked out the <code>step2</code> branch, you’ll notice the <code>shiro.ini</code> file’s <code>[main]</code> section now has the following additions:</p>
+</ul><p>Again, don’t forget to change <code>$YOUR_APPLICATION_ID</code> in the URL above to match your application’s ID!</p><h3>2b: Configure the Realm in <code>shiro.ini</code></h3><p>Once you choose at least one user store to connect to for Shiro’s needs, we’ll need to configure a <code>Realm</code> that represents that data store and then tell the Shiro <code>SecurityManager</code> about it.</p><p>If you’ve checked out the <code>step2</code> branch, you’ll notice the <code>src/main/webapp/WEB-INF/shiro.ini</code> file’s <code>[main]</code> section now has the following additions:</p>
<pre><code># Configure a Realm to connect to a user datastore. In this simple tutorial, we'll just point to Stormpath since it
# takes 5 minutes to set up:
stormpathClient = com.stormpath.shiro.client.ClientFactory
stormpathClient.cacheManager = $cacheManager
-stormpathClient.apiKeyFileLocation = $HOME/.stormpath/apiKey.properties
+
+# (Optional) If you put your apiKey.properties in the non-default location, you set the location here
+#stormpathClient.apiKeyFileLocation = $HOME/.stormpath/apiKey.properties
+
stormpathRealm = com.stormpath.shiro.realm.ApplicationRealm
stormpathRealm.client = $stormpathClient
# Find this URL in your Stormpath console for an application you create:
# Applications -> (choose application name) --> Details --> REST URL
-stormpathRealm.applicationRestUrl = https://api.stormpath.com/v1/applications/$STORMPATH_APPLICATION_ID
+# (Optional) If you only have one Application
+#stormpathRealm.applicationRestUrl = https://api.stormpath.com/v1/applications/$STORMPATH_APPLICATION_ID
+
stormpathRealm.groupRoleResolver.modeNames = name
securityManager.realm = $stormpathRealm
-</code></pre><p>Make the following changes:</p>
-<ol>
- <li><p>Change the <code>$HOME</code> placeholder to be your actual home directory path, e.g. <code>/home/jsmith</code> so the final <code>stormpathClient.apiKeyFileLocation</code> value is something like <code>/home/jsmith/.stormpath/apiKey.properties</code>. This path must match the location of the <code>apiKey.properties</code> file you downloaded from Stormpath in Step 2a.</p></li>
- <li><p>Change the <code>$STORMPATH_APPLICATION_ID</code> placeholder to be the actual ID value in the <code>href</code> returned from Stormpath at the end of Step 2a. The final <code>stormpathRealm.applicationRestUrl</code> value should look something like <code>https://api.stormpath.com/v1/applications/6hsPwoRZ0hCk6ToytVxi4D</code> (with a different application ID of course).</p></li>
-</ol><h3>2c: Commit your changes</h3><p>Your replaced <code>$HOME</code> and <code>STORMPATH_APPLICATION_ID</code> values are specific to your application. Go ahead and commit those changes to your branch:</p>
-<pre><code>$ git add . && git commit -m "updated app-specific placeholders" .
-</code></pre><h3>2d: Run the webapp</h3><p>After making the changes as specified in Step 2b and 2c, go ahead and run the web app:</p>
+</code></pre><p>Note the optional lines: </p>
+<ul>
+ <li>If you have been using Stormpath for a while and you have more then one Stormpath application, the <code>stormpathRealm.applicationRestUrl</code> property must be set.</li>
+</ul><h3>2d: Run the webapp</h3><p>After making the changes as specified in Step 2b and 2c, go ahead and run the web app:</p>
<pre><code>$ mvn jetty:run
</code></pre><p>This time, you will see log output similar to the following, indicating that Shiro and the new Realm are configured properly in your webapp:</p>
<pre><code>16:08:25.466 [main] INFO o.a.shiro.web.env.EnvironmentLoader - Starting Shiro environment initialization.