You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Steve Gorman (JIRA)" <ji...@apache.org> on 2010/01/07 22:25:21 UTC
[jira] Created: (SHIRO-126) Example Multiple Realm Shiro App (LDAP
and DB)
Example Multiple Realm Shiro App (LDAP and DB)
-----------------------------------------------
Key: SHIRO-126
URL: https://issues.apache.org/jira/browse/SHIRO-126
Project: Shiro
Issue Type: Temp
Components: Sample Apps
Affects Versions: 1.0
Environment: Windows
Reporter: Steve Gorman
Priority: Trivial
Attachments: authentication.zipx
I have an intellij project that is a good example of how to create/use an LDAP realm. In fact what it does is choose between two configured realms one a local ShiroDbReal and the other LDAP. If your new to grails/groovy this is a good learning tool. I based it off of the Scott Davis (IBM) blogito tutorial. I create some default users that are not the plain ShiroUser but it is a trivial modification. For my purposes I had to extend the
class ShiroUser extends com.saic.hub.HubUser
but again, I think you will find it elementary to see the effect. In the end it is just a tweaked user class for my purposes and could be done incorrectly but there you go.
When you run the app with grails run-app it will default to the ShiroDbRealm. If you create a file called
file:${userHome}/.authprototype/user_config.groovy
in that file put
ldap.ldapUrls = 'ldap://localhost:389/'
ldap.search.base = 'ou=YOURVALUE,dc=YOURVALUE,dc=YOURVALUE,dc=
YOURVALUE'
ldap.search.user = "YOURVALUE"
ldap.search.pass = "YOURVALUE"
ldap.username.attribute = "YOURVALUE"
ldap.skip.credentialsCheck = false
ldap.allowEmptyPasswords = false
hub.auth.realmName = "ShiroLDAPRealm"
the hub.auth.realmName should be set to whatever name is created by grails create-ldap-realm. I changed mine around some and ended up with ShiroLDAPRealm. The casing is off from the original.
It will load your LDAP realm. The important value to trigger ldap loading is hub.auth.realmName. To test the application delete this line. It will load the ShiroDbRealm and you can login with the dummy users created in bootstrap. Once you have that working and understand it put the line back in the user_config.groovy file. This will override the default value that is in Config.groovy and load the LDAP realm. As long as you have the LDAP settings correct ( that was the really hard part for me ) you should be good.
I guess the question now is how do I get it to you? I will send this
message first with nothing attached and try a separate message with the
app. If it bounces we can go from there.
sg
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SHIRO-126) Example Multiple Realm Shiro App (LDAP
and DB)
Posted by "Steve Gorman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHIRO-126?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Steve Gorman updated SHIRO-126:
-------------------------------
Attachment: authentication.zipx
Example application
> Example Multiple Realm Shiro App (LDAP and DB)
> -----------------------------------------------
>
> Key: SHIRO-126
> URL: https://issues.apache.org/jira/browse/SHIRO-126
> Project: Shiro
> Issue Type: Temp
> Components: Sample Apps
> Affects Versions: 1.0
> Environment: Windows
> Reporter: Steve Gorman
> Priority: Trivial
> Attachments: authentication.zipx
>
>
> I have an intellij project that is a good example of how to create/use an LDAP realm. In fact what it does is choose between two configured realms one a local ShiroDbReal and the other LDAP. If your new to grails/groovy this is a good learning tool. I based it off of the Scott Davis (IBM) blogito tutorial. I create some default users that are not the plain ShiroUser but it is a trivial modification. For my purposes I had to extend the
> class ShiroUser extends com.saic.hub.HubUser
> but again, I think you will find it elementary to see the effect. In the end it is just a tweaked user class for my purposes and could be done incorrectly but there you go.
> When you run the app with grails run-app it will default to the ShiroDbRealm. If you create a file called
> file:${userHome}/.authprototype/user_config.groovy
> in that file put
> ldap.ldapUrls = 'ldap://localhost:389/'
> ldap.search.base = 'ou=YOURVALUE,dc=YOURVALUE,dc=YOURVALUE,dc=
> YOURVALUE'
> ldap.search.user = "YOURVALUE"
> ldap.search.pass = "YOURVALUE"
> ldap.username.attribute = "YOURVALUE"
> ldap.skip.credentialsCheck = false
> ldap.allowEmptyPasswords = false
> hub.auth.realmName = "ShiroLDAPRealm"
> the hub.auth.realmName should be set to whatever name is created by grails create-ldap-realm. I changed mine around some and ended up with ShiroLDAPRealm. The casing is off from the original.
> It will load your LDAP realm. The important value to trigger ldap loading is hub.auth.realmName. To test the application delete this line. It will load the ShiroDbRealm and you can login with the dummy users created in bootstrap. Once you have that working and understand it put the line back in the user_config.groovy file. This will override the default value that is in Config.groovy and load the LDAP realm. As long as you have the LDAP settings correct ( that was the really hard part for me ) you should be good.
> I guess the question now is how do I get it to you? I will send this
> message first with nothing attached and try a separate message with the
> app. If it bounces we can go from there.
> sg
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.