You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by von_Zeppelin <le...@mail.ru> on 2013/02/05 09:25:32 UTC
shiro-guice + buji
Hello!
Is it possible to configure buji OAuth client for Shiro using
ShiroWebModule? Its configuration steps include registration of filters such
as OAuthFilter, OAuthUserFilter that can be done like this
addFilterChain("/shiro-google", Key.get(OAuthFilter.class));
addFilterChain("/oauth-google", Key.get(OAuthUserFilter.class));
but both of these filters require OAuth provider instance passed via a
setter method. How can one inject a provider instance she has? Unfortunately
filter classes are final and aren't marked with annotations to facilitate
injection or am I missing something?
Thank you!
--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-guice-buji-tp7578225.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: shiro-guice + buji
Posted by Richard Mixon <rn...@custco.biz>.
OK, as I suspected it was an unrelated problem. I had left some @Provider
functions in place from earlier experimenting - thinking that if I did not
bind the associated type or Realm they would not be instantiated. Wrong!
It's all working quite well now. I did find one peculiarity - CAS sends my
roles (from the "memberOf" attribute) over in lowercase. After not finding
a setting to adjust this on the CAS side I just overrode the
doGetAuthorization method in CasRealm and adjusted.
On Tue, Jan 28, 2014 at 5:52 PM, rnmixon <rn...@custco.biz> wrote:
> I've run into the situation where I need both Shiro CAS and Shiro Google
> support.
>
> I've made an attempt to convert the buji-guice-demo to work with CAS
> instead
> of OAUTH.
>
> I created a InjectableCasRealm and InjectableCasFilter, but in my tests I
> always end up going through BasicHttpAuthenticationFilter instead of the
> "roles" filter. This is probably just a Shiro Guice configuration issue,
> but
> it's been beating up on me all day.
>
> If anybody could point out where I'm going wrong or suggest some other
> things to try, it would be greatly appreciated. Here's my subclass of
>
> Thank you.
>
>
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/shiro-guice-buji-tp7578225p7579595.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
--
Richard Mixon
Custom Computer Creations, L.L.C.
mobile: (480) 577-6834 office: (480) 614-3442
email: rnmixon@CustCo.biz <ma...@CustCo.biz>
Microsoft Partner ID: 1263725
The messages and documents transmitted with this notice contain
confidential information belonging to the sender. If you are not the
intended recipient of this information, you are hereby notified that any
disclosure, copying, distribution or use of the information is strictly
prohibited. If you have received this transmission in error, please notify
the sender immediately.
Re: shiro-guice + buji
Posted by rnmixon <rn...@custco.biz>.
I've run into the situation where I need both Shiro CAS and Shiro Google
support.
I've made an attempt to convert the buji-guice-demo to work with CAS instead
of OAUTH.
I created a InjectableCasRealm and InjectableCasFilter, but in my tests I
always end up going through BasicHttpAuthenticationFilter instead of the
"roles" filter. This is probably just a Shiro Guice configuration issue, but
it's been beating up on me all day.
If anybody could point out where I'm going wrong or suggest some other
things to try, it would be greatly appreciated. Here's my subclass of
Thank you.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-guice-buji-tp7578225p7579595.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: shiro-guice + buji
Posted by von_Zeppelin <le...@mail.ru>.
Hello, Jérôme!
Thank you, the Sonatype snapshots repository is used to get the library
now.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-guice-buji-tp7578225p7578336.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: shiro-guice + buji
Posted by jleleu <le...@gmail.com>.
Hi,
You were right, it was missing.
It's fixed now :
https://oss.sonatype.org/content/repositories/snapshots/io/buji/buji-oauth/1.1.1-SNAPSHOT/.
Best,
Jérôme
--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-guice-buji-tp7578225p7578335.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: shiro-guice + buji
Posted by von_Zeppelin <le...@mail.ru>.
Hello, Jérôme!
I couldn't find buji-oauth version 1.1.1-SNAPSHOT in the Sonatype
snapshots repository
<https://oss.sonatype.org/content/repositories/snapshots/> . Could you,
please, check that it is really there?
Thank you.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-guice-buji-tp7578225p7578334.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: shiro-guice + buji
Posted by jleleu <le...@gmail.com>.
Hi,
Thanks for sharing. I add a link from my demo to yours.
Though, I don't understand why you use a custom lib : why not using the
buji-oauth dependency in version 1.1.1-SNAPSHOT (you need to add the
Sonatype snapshots repository in your pom.xml) ?
Best regards,
Jérôme
--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-guice-buji-tp7578225p7578333.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: shiro-guice + buji
Posted by von_Zeppelin <le...@mail.ru>.
Hello, Jérôme!
I did a version of your buji-oauth-demo
<https://github.com/leleuj/buji-oauth-demo> web app with Shiro + Buji
configured using Google Guice; it is available at the buji-guice-demo
<https://github.com/vonZeppelin/buji-guice-demo> GitHub repo. I hope it'll
be helpful to someone else.
Currently this demo app uses a custom build of /buji-oauth/ lib where
final modifiers were removed from several classes, but with a next release
of the lib it won't be necessary.
Thank you.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-guice-buji-tp7578225p7578329.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: shiro-guice + buji
Posted by jleleu <le...@gmail.com>.
Hi,
Whould you be so kind as to share an example of your Guice configuration
with buji OAuth client ?
It might help other people.
Thanks.
Best regards,
Jérôme
--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-guice-buji-tp7578225p7578315.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: shiro-guice + buji
Posted by jleleu <le...@gmail.com>.
Hi,
There is not "remember me" feature in buji-oauth. That's a good question
though, I didn't spend much time thinking about it.
At that moment, I tend to think that it's up to the OAuth provider :
Facebook and Twitter (for example) handle the "remember-me" feature on their
sides.
Best regards,
Jérôme
--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-guice-buji-tp7578225p7578281.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: shiro-guice + buji
Posted by von_Zeppelin <le...@mail.ru>.
Hello, Jérôme!
Thank you! One new question about buji-oauth module - does it support
"remember me" feature out-of-the box or can it be implemented in some (easy)
way or maybe it's not possible to have "remember me" with OAuth
authentication in general?
Thank you.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-guice-buji-tp7578225p7578274.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: shiro-guice + buji
Posted by jleleu <le...@gmail.com>.
Hi,
I just merged the pull request. It should be ok now.
Best regards,
Jérôme
--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-guice-buji-tp7578225p7578266.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: shiro-guice + buji
Posted by von_Zeppelin <le...@mail.ru>.
Hello, Jérôme!
Unfortunately, @Providers methods won't solve the problem, because
methods of a filter class should be still annotated with @Inject which is
not the case.
It is possible to use Guice type listeners like this:
Matcher<? super TypeLiteral<?>> matcher =
Matchers.only(TypeLiteral.get(OAuthFilter.class))
.or(Matchers.only(TypeLiteral.get(OAuthUserFilter.class)));
bindListener(matcher, new TypeListener() {
private Provider<BaseOAuthProvider> oAuthProvider;
private InjectionListener listener = new InjectionListener() {
public void afterInjection(Object injectee) {
OAuthProvider provider = oAuthProvider.get();
if (injectee instanceof OAuthFilter) {
((OAuthFilter) injectee).setProvider(provider);
} else {
((OAuthUserFilter) injectee).setProvider(provider);
}
}
};
public void hear(TypeLiteral type, TypeEncounter encounter) {
oAuthProvider = encounter.getProvider(BaseOAuthProvider.class);
encounter.register(listener);
}
});
but it's a bit clumsy. I see that there is a merged pull request to remove
the 'final' modifier for some classes, but several filter classes were
overlooked and still have it, so I created a new pull request to deal
similarly with the remaining classes.
Thank you.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-guice-buji-tp7578225p7578264.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: shiro-guice + buji
Posted by jleleu <le...@gmail.com>.
Hi,
You're right, both filters need to be set with an OAuth provider (just to
know how they should behave).
I don't know guice but I think you need to create @Providers methods in your
module like explained here :
http://code.google.com/p/google-guice/wiki/ProvidesMethods.
Though, if it's not sufficient in your case, you can send a pull request to
remove final keyword on required classes.
Best regards,
Jérôme
--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-guice-buji-tp7578225p7578227.html
Sent from the Shiro User mailing list archive at Nabble.com.