You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by abxide <ab...@gmail.com> on 2009/07/03 16:27:16 UTC
Help needed with Apache ki + rmi + hibernate
I'm trying to use apache ki for authorization and authentication for my non
web application based on RMI and hibernate and delcarative permisisions. I'm
new to this, i gave a look to the samples, but i'm looking for something
that doesn't use spring, would be nice receive some hints about it.
--
View this message in context: http://n2.nabble.com/Help-needed-with-Apache-ki-%2B-rmi-%2B-hibernate-tp3201589p3201589.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Help needed with Apache ki + rmi + hibernate
Posted by Les Hazlewood <lh...@apache.org>.
You can definitely use the programmatic approach - that is the most
straightforward approach, but requires you to code. The Annotations enabled
by AOP are merely there as a convenience so you don't have to code security
checks.
But for authentication, you'll probably need to use the programmatic API
directly, e.g.
SecurityUtils.getSubject().login(new UsernamePasswordToken(username,
password));
We currently don't have a sample application that uses raw RMI APIs to talk
to a remote security manager, but it wouldn't be too hard to set up. Please
add a Jira issue (https://issues.apache.org/jira/browse/SHIRO) to allow us
to add that.
In the meantime you can acquire the remote SecurityManager via a RMI lookup
and call SecurityUtils.setSecurityManager(remoteSecurityManager). That
should be enough to get you going, but note that that call should only ever
be called if you want a SecurityManager to be used for the entire JVM (See
the JavaDoc on that method for more).
Cheers,
Les
On Fri, Jul 3, 2009 at 12:34 PM, abxide <ab...@gmail.com> wrote:
>
> Thanks for your quickly answer,
> i'm using a raw RMI structure, when you talk about annotations do you mean
> at apache ki system requirements or for example at the possibility to use
> annotations for authorization?
> In the second case, i think i can avoid the use of AOP simply using the
> programmatically approach.
> In the first case, if there aren't alternative solutions, i think using an
> aspect-j solution could be a good compromise.
>
>
>
> Les Hazlewood-2 wrote:
> >
> > Hi Abxide,
> >
> > What are you using for RMI? Is it just raw RMI or are you using a
> > framework
> > to simplify the remoting infrastructure?
> >
> > Also, our current out-of-the-box support for a security annotations
> relies
> > on AOPAlliance constructs, which often implies a Spring environment. Of
> > course Shiro can work in any environment, but we'd need some sort of AOP
> > framework to support annotations if we won't use Spring's AOPAlliance
> > advice. What are you currently using, and if not using anything, would
> > you
> > be ok with using an AspectJ-based solution for annotations?
> >
> > - Les
> >
> > On Fri, Jul 3, 2009 at 10:27 AM, abxide <ab...@gmail.com> wrote:
> >
> >>
> >> I'm trying to use apache ki for authorization and authentication for my
> >> non
> >> web application based on RMI and hibernate and delcarative permisisions.
> >> I'm
> >> new to this, i gave a look to the samples, but i'm looking for something
> >> that doesn't use spring, would be nice receive some hints about it.
> >>
> >> --
> >> View this message in context:
> >>
> http://n2.nabble.com/Help-needed-with-Apache-ki-%2B-rmi-%2B-hibernate-tp3201589p3201589.html
> >> Sent from the Shiro User mailing list archive at Nabble.com.
> >>
> >>
> >
> >
>
> --
> View this message in context:
> http://n2.nabble.com/Help-needed-with-Apache-ki-%2B-rmi-%2B-hibernate-tp3201589p3202271.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
>
Re: Help needed with Apache ki + rmi + hibernate
Posted by abxide <ab...@gmail.com>.
Thanks for your quickly answer,
i'm using a raw RMI structure, when you talk about annotations do you mean
at apache ki system requirements or for example at the possibility to use
annotations for authorization?
In the second case, i think i can avoid the use of AOP simply using the
programmatically approach.
In the first case, if there aren't alternative solutions, i think using an
aspect-j solution could be a good compromise.
Les Hazlewood-2 wrote:
>
> Hi Abxide,
>
> What are you using for RMI? Is it just raw RMI or are you using a
> framework
> to simplify the remoting infrastructure?
>
> Also, our current out-of-the-box support for a security annotations relies
> on AOPAlliance constructs, which often implies a Spring environment. Of
> course Shiro can work in any environment, but we'd need some sort of AOP
> framework to support annotations if we won't use Spring's AOPAlliance
> advice. What are you currently using, and if not using anything, would
> you
> be ok with using an AspectJ-based solution for annotations?
>
> - Les
>
> On Fri, Jul 3, 2009 at 10:27 AM, abxide <ab...@gmail.com> wrote:
>
>>
>> I'm trying to use apache ki for authorization and authentication for my
>> non
>> web application based on RMI and hibernate and delcarative permisisions.
>> I'm
>> new to this, i gave a look to the samples, but i'm looking for something
>> that doesn't use spring, would be nice receive some hints about it.
>>
>> --
>> View this message in context:
>> http://n2.nabble.com/Help-needed-with-Apache-ki-%2B-rmi-%2B-hibernate-tp3201589p3201589.html
>> Sent from the Shiro User mailing list archive at Nabble.com.
>>
>>
>
>
--
View this message in context: http://n2.nabble.com/Help-needed-with-Apache-ki-%2B-rmi-%2B-hibernate-tp3201589p3202271.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Help needed with Apache ki + rmi + hibernate
Posted by Les Hazlewood <lh...@apache.org>.
Hi Abxide,
What are you using for RMI? Is it just raw RMI or are you using a framework
to simplify the remoting infrastructure?
Also, our current out-of-the-box support for a security annotations relies
on AOPAlliance constructs, which often implies a Spring environment. Of
course Shiro can work in any environment, but we'd need some sort of AOP
framework to support annotations if we won't use Spring's AOPAlliance
advice. What are you currently using, and if not using anything, would you
be ok with using an AspectJ-based solution for annotations?
- Les
On Fri, Jul 3, 2009 at 10:27 AM, abxide <ab...@gmail.com> wrote:
>
> I'm trying to use apache ki for authorization and authentication for my non
> web application based on RMI and hibernate and delcarative permisisions.
> I'm
> new to this, i gave a look to the samples, but i'm looking for something
> that doesn't use spring, would be nice receive some hints about it.
>
> --
> View this message in context:
> http://n2.nabble.com/Help-needed-with-Apache-ki-%2B-rmi-%2B-hibernate-tp3201589p3201589.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
>