You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@isis.apache.org by da...@apache.org on 2014/04/04 10:47:20 UTC

svn commit: r1584563 - /isis/site/trunk/content/components/security/shiro/configuring-shiro.md

Author: danhaywood
Date: Fri Apr  4 08:47:17 2014
New Revision: 1584563

URL: http://svn.apache.org/r1584563
Log:
jdbc config

Modified:
    isis/site/trunk/content/components/security/shiro/configuring-shiro.md

Modified: isis/site/trunk/content/components/security/shiro/configuring-shiro.md
URL: http://svn.apache.org/viewvc/isis/site/trunk/content/components/security/shiro/configuring-shiro.md?rev=1584563&r1=1584562&r2=1584563&view=diff
==============================================================================
--- isis/site/trunk/content/components/security/shiro/configuring-shiro.md (original)
+++ isis/site/trunk/content/components/security/shiro/configuring-shiro.md Fri Apr  4 08:47:17 2014
@@ -117,3 +117,27 @@ For example, in the quickstart/todo app,
     dick = pass, user_role, analysis_role, self-install_role
 
 then this corresponds to the roles *realm1:user_role*, *realm1:self-install_role* and *realm1:analysis_role*.  If using the Wicket viewer, then there will also be another role which is used internally (namely *org.apache.isis.viewer.wicket.roles.USER*).
+
+## Configuring Shiro for JDBC
+
+Something like the following should do:
+
+    builtInCacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
+    securityManager.cacheManager = $builtInCacheManager
+
+    ps = org.apache.shiro.authc.credential.DefaultPasswordService
+    pm = org.apache.shiro.authc.credential.PasswordMatcher
+    pm.passwordService = $ps
+
+    aa = org.apache.shiro.authc.credential.AllowAllCredentialsMatcher
+    sm = org.apache.shiro.authc.credential.SimpleCredentialsMatcher
+
+    jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm
+    jdbcRealm.authenticationQuery = SELECT password from users where username = ?
+    jdbcRealm.userRolesQuery = select r.label from users_roles ur inner join roles r on ur.role_id = r.id where user_id = (select id from users where username = ?);
+    jdbcRealm.permissionsQuery=select p.permission from roles_permissions rp inner join permissions p on rp.permission_id = p.id where rp.role_id = (select id from roles where label = ?);
+    jdbcRealm.permissionsLookupEnabled=true
+
+    ds = com.mysql.jdbc.jdbc2.optional.MysqlDataSource
+    ds ...etc
+    securityManager.realms = $jdbcRealm