You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Paul Stanton <pa...@mapshed.com.au> on 2010/11/19 00:58:05 UTC
tynamo tapestry-security / shiro help
Kalle,
I'm think I'm making progress however I haven't found a good guide to
confirm I'm on the right track.
I have a persistent User entity (db+hibernate). The user has multiple
roles. I only really want to use the RequiresRoles annotation on pages
(and some methods) at this point.
So what I've done so far:
AuthorizingRealm and my doGetAuthenticationInfo creates a SimpleAccount
with the roles set populated.
But once the code hits a RequiresRole annotation, the
realm.doGetAuthorizationInfo is called.
I don't want to go back to my persistent entity at this point since I've
already told the security module about the user's roles.
How do I make AuthorizingRealm cache the SimpleAccount returned from
doGetAuthenticationInfo and use it for doGetAuthorizationInfo?
Also, I'd expect this cache element to have the same lifecycle as the
user's session, is that the case?
Thanks, Paul.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: tynamo tapestry-security / shiro help
Posted by Paul Stanton <pa...@mapshed.com.au>.
Alejandro,
Would you mind posting your Realm implementation?
I tried just providing a CacheManager to the constructor for
AuthorizingRealm but there must be something else missing as i still
have 2 problems:
1. The SimpleAccount is not being cached after the credentials have been
checked (ie after doGetAuthenticationInfo) but is then being requested
for the 'hasRole' check
2. I get an exception:
Caused by: java.lang.IllegalArgumentException: Cache name cannot be null
or empty.
at
org.apache.shiro.cache.AbstractCacheManager.getCache(AbstractCacheManager.java:61)
at
org.apache.shiro.realm.AuthorizingRealm.getAuthorizationCacheLazy(AuthorizingRealm.java:245)
at
org.apache.shiro.realm.AuthorizingRealm.getAvailableAuthorizationCache(AuthorizingRealm.java:260)
at
org.apache.shiro.realm.AuthorizingRealm.getAuthorizationInfo(AuthorizingRealm.java:322)
at
org.apache.shiro.realm.AuthorizingRealm.hasRole(AuthorizingRealm.java:567)
Also, could you explain how the cache entries are evicted? would this
happen at exactly the time the httpsession is invalidated?
Thanks, Paul.
On 23/11/2010 1:28 AM, Alejandro Scandroli wrote:
> Hi Paul
>
> The AuthorizingRealm constructor can take a CacheManager as a parameter.
> In our case we use the EhCacheManager.
>
> That's all you need!
>
> Cheers.
> Alejandro
>
>
> On Fri, Nov 19, 2010 at 12:58 AM, Paul Stanton<pa...@mapshed.com.au> wrote:
>> Kalle,
>>
>> I'm think I'm making progress however I haven't found a good guide to
>> confirm I'm on the right track.
>>
>> I have a persistent User entity (db+hibernate). The user has multiple roles.
>> I only really want to use the RequiresRoles annotation on pages (and some
>> methods) at this point.
>>
>> So what I've done so far:
>>
>> AuthorizingRealm and my doGetAuthenticationInfo creates a SimpleAccount with
>> the roles set populated.
>>
>> But once the code hits a RequiresRole annotation, the
>> realm.doGetAuthorizationInfo is called.
>>
>> I don't want to go back to my persistent entity at this point since I've
>> already told the security module about the user's roles.
>>
>> How do I make AuthorizingRealm cache the SimpleAccount returned from
>> doGetAuthenticationInfo and use it for doGetAuthorizationInfo?
>>
>> Also, I'd expect this cache element to have the same lifecycle as the user's
>> session, is that the case?
>>
>> Thanks, Paul.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: tynamo tapestry-security / shiro help
Posted by Alejandro Scandroli <al...@gmail.com>.
Hi Paul
The AuthorizingRealm constructor can take a CacheManager as a parameter.
In our case we use the EhCacheManager.
That's all you need!
Cheers.
Alejandro
On Fri, Nov 19, 2010 at 12:58 AM, Paul Stanton <pa...@mapshed.com.au> wrote:
> Kalle,
>
> I'm think I'm making progress however I haven't found a good guide to
> confirm I'm on the right track.
>
> I have a persistent User entity (db+hibernate). The user has multiple roles.
> I only really want to use the RequiresRoles annotation on pages (and some
> methods) at this point.
>
> So what I've done so far:
>
> AuthorizingRealm and my doGetAuthenticationInfo creates a SimpleAccount with
> the roles set populated.
>
> But once the code hits a RequiresRole annotation, the
> realm.doGetAuthorizationInfo is called.
>
> I don't want to go back to my persistent entity at this point since I've
> already told the security module about the user's roles.
>
> How do I make AuthorizingRealm cache the SimpleAccount returned from
> doGetAuthenticationInfo and use it for doGetAuthorizationInfo?
>
> Also, I'd expect this cache element to have the same lifecycle as the user's
> session, is that the case?
>
> Thanks, Paul.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org