You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by ah...@apache.org on 2019/08/03 17:46:51 UTC
[isis] branch v2 updated: ISIS-2156 fixes demo-app shiro setup,
gives 'sven' admin privileges
This is an automated email from the ASF dual-hosted git repository.
ahuber pushed a commit to branch v2
in repository https://gitbox.apache.org/repos/asf/isis.git
The following commit(s) were added to refs/heads/v2 by this push:
new 3e2672a ISIS-2156 fixes demo-app shiro setup, gives 'sven' admin privileges
3e2672a is described below
commit 3e2672a828603994bd0c03ecb59fa350dca44050
Author: Andi Huber <ah...@apache.org>
AuthorDate: Sat Aug 3 19:46:43 2019 +0200
ISIS-2156 fixes demo-app shiro setup, gives 'sven' admin privileges
---
.../apache/isis/security/shiro/WebModuleShiro.java | 8 +++++
.../AuthenticationSessionStrategyBasicAuth.java | 2 +-
.../domainapp/application/DemoAppManifest.java | 1 +
examples/apps/demo/src/main/resources/shiro.ini | 37 +++-----------------
.../main/{webapp/WEB-INF => resources}/shiro.ini | 0
.../src/main/webapp/WEB-INF/isis.properties | 40 ----------------------
6 files changed, 14 insertions(+), 74 deletions(-)
diff --git a/core/plugins/security-shiro/src/main/java/org/apache/isis/security/shiro/WebModuleShiro.java b/core/plugins/security-shiro/src/main/java/org/apache/isis/security/shiro/WebModuleShiro.java
index ba560a4..4a5012a 100644
--- a/core/plugins/security-shiro/src/main/java/org/apache/isis/security/shiro/WebModuleShiro.java
+++ b/core/plugins/security-shiro/src/main/java/org/apache/isis/security/shiro/WebModuleShiro.java
@@ -107,6 +107,14 @@ public final class WebModuleShiro implements WebModule {
public String getName() {
return "Shiro";
}
+
+ @Override
+ public void prepare(WebModuleContext ctx) {
+ val customShiroEnvironmentClassName = System.getProperty("shiroEnvironmentClass");
+ if(_Strings.isEmpty(customShiroEnvironmentClassName)) {
+ setShiroEnvironmentClass(IniWebEnvironmentUsingSystemProperty.class);
+ }
+ }
@Override
public ServletContextListener init(ServletContext ctx) throws ServletException {
diff --git a/core/runtime-web/src/main/java/org/apache/isis/webapp/auth/AuthenticationSessionStrategyBasicAuth.java b/core/runtime-web/src/main/java/org/apache/isis/webapp/auth/AuthenticationSessionStrategyBasicAuth.java
index 336d79d..24db9e1 100644
--- a/core/runtime-web/src/main/java/org/apache/isis/webapp/auth/AuthenticationSessionStrategyBasicAuth.java
+++ b/core/runtime-web/src/main/java/org/apache/isis/webapp/auth/AuthenticationSessionStrategyBasicAuth.java
@@ -49,7 +49,7 @@ public class AuthenticationSessionStrategyBasicAuth extends AuthenticationSessio
final HttpServletRequest httpServletRequest,
final HttpServletResponse httpServletResponse) {
-
+ //FIXME[2156] do this somewhere else (more coupled with shiro)
// Basic auth should never create sessions!
// However, telling this Shiro here, is a fragile approach.
httpServletRequest.setAttribute(
diff --git a/examples/apps/demo/src/main/java/domainapp/application/DemoAppManifest.java b/examples/apps/demo/src/main/java/domainapp/application/DemoAppManifest.java
index 0b7170f..2c65354 100644
--- a/examples/apps/demo/src/main/java/domainapp/application/DemoAppManifest.java
+++ b/examples/apps/demo/src/main/java/domainapp/application/DemoAppManifest.java
@@ -96,6 +96,7 @@ public class DemoAppManifest {
@Bean @Singleton
public SecurityModuleConfig securityModuleConfigBean() {
return SecurityModuleConfig.builder()
+ .adminUserName("sven")
.build();
}
diff --git a/examples/apps/demo/src/main/resources/shiro.ini b/examples/apps/demo/src/main/resources/shiro.ini
index bc52895..7cea7b3 100644
--- a/examples/apps/demo/src/main/resources/shiro.ini
+++ b/examples/apps/demo/src/main/resources/shiro.ini
@@ -19,40 +19,11 @@
[main]
+authenticationStrategy=org.apache.isis.extensions.secman.shiro.AuthenticationStrategyForIsisModuleSecurityRealm
+isisModuleSecurityRealm=org.apache.isis.extensions.secman.shiro.IsisModuleSecurityRealm
-# to use .ini file
-securityManager.realms = $iniRealm
-
-
-# -----------------------------------------------------------------------------
-# Users and their assigned roles
-#
-# Each line conforms to the format defined in the
-# org.apache.shiro.realm.text.TextConfigurationRealm#setUserDefinitions JavaDoc
-# -----------------------------------------------------------------------------
+securityManager.authenticator.authenticationStrategy = $authenticationStrategy
+securityManager.realms = $isisModuleSecurityRealm
[users]
-# user = password, role1, role2, role3, ...
-
-
-sven = pass, admin_role
-dick = pass, user_role
-bob = pass, user_role
-joe = pass, user_role
-
-
-
-# -----------------------------------------------------------------------------
-# Roles with assigned permissions
-#
-# Each line conforms to the format defined in the
-# org.apache.shiro.realm.text.TextConfigurationRealm#setRoleDefinitions JavaDoc
-# -----------------------------------------------------------------------------
-
[roles]
-# role = perm1, perm2, perm3, ...
-# perm in format: packageName:className:memberName:r,w
-
-user_role = *:HelloWorldObjects:*:*,\
- *:HelloWorldObject:*:*
-admin_role = *
diff --git a/examples/apps/helloworld/src/main/webapp/WEB-INF/shiro.ini b/examples/apps/helloworld/src/main/resources/shiro.ini
similarity index 100%
rename from examples/apps/helloworld/src/main/webapp/WEB-INF/shiro.ini
rename to examples/apps/helloworld/src/main/resources/shiro.ini
diff --git a/examples/apps/helloworld/src/main/webapp/WEB-INF/isis.properties b/examples/apps/helloworld/src/main/webapp/WEB-INF/isis.properties
deleted file mode 100644
index 5a040e8..0000000
--- a/examples/apps/helloworld/src/main/webapp/WEB-INF/isis.properties
+++ /dev/null
@@ -1,40 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-#
-# The properties listed in this file vary between dev/test/prod.
-# All remaining properties (which are static and don't vary between dev/test/prod)
-# are loaded in programmatically by the AppManifest, see isis-non-changing.properties
-#
-
-#################################################################################
-#
-# JDBC connection details
-# (also update the pom.xml to reference the appropriate JDBC driver)
-#
-#################################################################################
-
-#isis.persistor.datanucleus.impl.javax.jdo.option.ConnectionDriverName=org.hsqldb.jdbcDriver
-#isis.persistor.datanucleus.impl.javax.jdo.option.ConnectionURL=jdbc:hsqldb:mem:test
-#isis.persistor.datanucleus.impl.javax.jdo.option.ConnectionUserName=sa
-#isis.persistor.datanucleus.impl.javax.jdo.option.ConnectionPassword=
-
-#isis.persistor.datanucleus.impl.javax.jdo.option.ConnectionDriverName=org.h2.Driver
-#isis.persistor.datanucleus.impl.javax.jdo.option.ConnectionURL=jdbc:h2:mem:test
-#isis.persistor.datanucleus.impl.javax.jdo.option.ConnectionUserName=sa
-#isis.persistor.datanucleus.impl.javax.jdo.option.ConnectionPassword=