You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by Lutz Suhrbier <l....@bgbm.org> on 2012/12/11 13:13:10 UTC
Eclipse RAP integration
Hello,
I am trying to find the right way to integrate Shiro 1.2.1 within
Eclipse RAP.
Actually, I have followed other recommendations to simply initialize
Shiro within the RAP-OSGi Activator constructor like this.
Factory<SecurityManager> factory = new
IniSecurityManagerFactory("file:path_to_shiro.ini");
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
At first glance, it appears working fine, but when a user pushed the
reload button in the browser, SecurityUtils.getSubject() appears to
always creates a new Subject instance and isAuthenticated() returns false.
What I already evaluated, is that the servlet sessionid, which I can get
with RWT.getRequest().getSession().getId() remains identical, while the
Subject.getSession().getId() has changed. Also, the
SecurityUtils.getSubject() implementation appears to be bound to the
current thread, so I think if a new request would be processed within
another thread by the servlet container (Jetty 8, as included in eclipse
juno here), it is logical that getSubject() can not retrieve the former
session info, because this is bound to another thread.
Did anybody achieved to get Eclipse RAP and Shiro working properly
together ?
And, as I am quite new to all that OSGI and servlet containter stuff, is
there a way to manage that configuring shiro filters or listeners will
work out of the box within my Eclipse Juno environment ?
Thanks
Lutz
Re: Eclipse RAP integration
Posted by Lutz Suhrbier <l....@bgbm.org>.
Hi Jan,
even though you provided me no detailed instructions, your hint to
register the Shiro filter as OSGi HttpService finally saved my day :-) .
Now, several other postings I have read make sense and Shiro now works
like a charme (using the deprecated IniShiroFilter())
Currently, I did manage to register Shiro's EnvironmentLoaderListener()
in order to use the now recommended ShiroFilter.
But maybe, there is somebody else out there, who could provide a hint on
how to realise this ?
Here is a short description, what is needed to make it work:
First, you have add dependencies to the following equinox or osgi bundles:
org.eclipse.equinox.http.servlet
org.eclipse.equinox.http.registry
org.eclipse.osgi.services
Finally, you have two options to do that:
1) User the org.eclipse.equinox.http.registry.filters extension and
configure the iniShiroFilter class and the configPath init-param
<extension
point="org.eclipse.equinox.http.registry.filters">
<filter
alias="/"
class="org.apache.shiro.web.servlet.IniShiroFilter"
load-on-startup="true">
<init-param
name="configPath"
value="shiro.ini">
</init-param>
</filter>
</extension>
2) Activate a ServiceTracker in the Activator's start method:
public void start(BundleContext context) throws Exception {
logger.debug("Starting Bundle " +
context.getBundle().getSymbolicName() + ".");
super.start(context);
logger.debug("Registering ShiroFilter ...");
ExtendedHttpServiceTracker httpServiceTracker = new
ExtendedHttpServiceTracker(context);
httpServiceTracker.open();
}
Here is the simple ServiceTracker:
public class ExtendedHttpServiceTracker extends ServiceTracker {
final static Logger logger =
LoggerFactory.getLogger(ExtendedHttpServiceTracker.class);
public ExtendedHttpServiceTracker(BundleContext context,
ServiceTrackerCustomizer customizer) {
super(context, ExtendedHttpService.class.getName(), customizer);
}
public ExtendedHttpServiceTracker(BundleContext context) {
this(context, null);
}
public ExtendedHttpService getExtendedHttpService() {
return (ExtendedHttpService) getService();
}
public ExtendedHttpService[] getExtendedHttpServices() {
return (ExtendedHttpService[]) getServices();
}
@Override
public Object addingService(ServiceReference reference) {
if (reference != null) {
Dictionary properties = new Hashtable();
properties.put("configPath", "file:/config/shiro.ini");
ExtendedHttpService service =
(ExtendedHttpService)context.getService(reference);
try {
service.registerFilter("/", new IniShiroFilter(),
properties, null);
} catch (ServletException | NamespaceException e) {
logger.error("Apache Shiro filter could NOT be
registered to " + context.getBundle().getSymbolicName() + ".", e);
}
logger.info("Apache Shiro filter successfully registered to
" + context.getBundle().getSymbolicName() + ".");
return service;
}
else
logger.error("registerShiroFilter(): serviceRef= " +
reference);
return null;
}
@Override
public void removedService(ServiceReference reference, Object
service) {
super.removedService(reference, service);
}
}
I hope, somebody can put this on a more prominent place in the Shiro
documentation.
It's a quite simple thing, but It was really hard and time consuming to
find the solution !
best regards
Lutz
> Hi Lutz,
>
> we are also using Apache Shiro with OSGi (Eclipse Equinox). What we do is register the Shiro filter with the OSGi HttpService.
> We use Blueprint and Shiro's Spring add-on to configure Shiro. With that setting we are very happy!
>
> I can't tell you how to configure Shiro in OSGi without using Blueprint though.
>
> Bye,
> Jan
>
> -----Ursprüngliche Nachricht-----
> Von: Lutz Suhrbier [mailto:l.suhrbier@bgbm.org]
> Gesendet: Dienstag, 11. Dezember 2012 13:13
> An: user@shiro.apache.org
> Betreff: Eclipse RAP integration
>
> Hello,
>
> I am trying to find the right way to integrate Shiro 1.2.1 within Eclipse RAP.
> Actually, I have followed other recommendations to simply initialize Shiro within the RAP-OSGi Activator constructor like this.
>
> Factory<SecurityManager> factory = new
> IniSecurityManagerFactory("file:path_to_shiro.ini");
> SecurityManager securityManager = factory.getInstance(); SecurityUtils.setSecurityManager(securityManager);
>
> At first glance, it appears working fine, but when a user pushed the reload button in the browser, SecurityUtils.getSubject() appears to always creates a new Subject instance and isAuthenticated() returns false.
>
> What I already evaluated, is that the servlet sessionid, which I can get with RWT.getRequest().getSession().getId() remains identical, while the
> Subject.getSession().getId() has changed. Also, the
> SecurityUtils.getSubject() implementation appears to be bound to the current thread, so I think if a new request would be processed within another thread by the servlet container (Jetty 8, as included in eclipse juno here), it is logical that getSubject() can not retrieve the former session info, because this is bound to another thread.
>
> Did anybody achieved to get Eclipse RAP and Shiro working properly together ?
>
> And, as I am quite new to all that OSGI and servlet containter stuff, is there a way to manage that configuring shiro filters or listeners will work out of the box within my Eclipse Juno environment ?
>
> Thanks
> Lutz
>
>
>
>
>
Re: Eclipse RAP integration
Posted by Harald Wellmann <hw...@gmail.com>.
Intializing Shiro in an Activator won't have the desired effect.
Activators are run by the OSGi framework startup thread, not by an
HTTP request thread.
I'd recommend using shiro.ini and the usual settings in web.xml
documented for vanilla web applications.
Hope that helps,
Harald
2012/12/11 Jan Stamer <J....@pe-international.com>:
> Hi Lutz,
>
> we are also using Apache Shiro with OSGi (Eclipse Equinox). What we do is register the Shiro filter with the OSGi HttpService.
> We use Blueprint and Shiro's Spring add-on to configure Shiro. With that setting we are very happy!
>
> I can't tell you how to configure Shiro in OSGi without using Blueprint though.
>
> Bye,
> Jan
>
> -----Ursprüngliche Nachricht-----
> Von: Lutz Suhrbier [mailto:l.suhrbier@bgbm.org]
> Gesendet: Dienstag, 11. Dezember 2012 13:13
> An: user@shiro.apache.org
> Betreff: Eclipse RAP integration
>
> Hello,
>
> I am trying to find the right way to integrate Shiro 1.2.1 within Eclipse RAP.
> Actually, I have followed other recommendations to simply initialize Shiro within the RAP-OSGi Activator constructor like this.
>
> Factory<SecurityManager> factory = new
> IniSecurityManagerFactory("file:path_to_shiro.ini");
> SecurityManager securityManager = factory.getInstance(); SecurityUtils.setSecurityManager(securityManager);
>
> At first glance, it appears working fine, but when a user pushed the reload button in the browser, SecurityUtils.getSubject() appears to always creates a new Subject instance and isAuthenticated() returns false.
>
> What I already evaluated, is that the servlet sessionid, which I can get with RWT.getRequest().getSession().getId() remains identical, while the
> Subject.getSession().getId() has changed. Also, the
> SecurityUtils.getSubject() implementation appears to be bound to the current thread, so I think if a new request would be processed within another thread by the servlet container (Jetty 8, as included in eclipse juno here), it is logical that getSubject() can not retrieve the former session info, because this is bound to another thread.
>
> Did anybody achieved to get Eclipse RAP and Shiro working properly together ?
>
> And, as I am quite new to all that OSGI and servlet containter stuff, is there a way to manage that configuring shiro filters or listeners will work out of the box within my Eclipse Juno environment ?
>
> Thanks
> Lutz
>
>
>
>
AW: Eclipse RAP integration
Posted by Jan Stamer <J....@pe-international.com>.
Hi Lutz,
we are also using Apache Shiro with OSGi (Eclipse Equinox). What we do is register the Shiro filter with the OSGi HttpService.
We use Blueprint and Shiro's Spring add-on to configure Shiro. With that setting we are very happy!
I can't tell you how to configure Shiro in OSGi without using Blueprint though.
Bye,
Jan
-----Ursprüngliche Nachricht-----
Von: Lutz Suhrbier [mailto:l.suhrbier@bgbm.org]
Gesendet: Dienstag, 11. Dezember 2012 13:13
An: user@shiro.apache.org
Betreff: Eclipse RAP integration
Hello,
I am trying to find the right way to integrate Shiro 1.2.1 within Eclipse RAP.
Actually, I have followed other recommendations to simply initialize Shiro within the RAP-OSGi Activator constructor like this.
Factory<SecurityManager> factory = new
IniSecurityManagerFactory("file:path_to_shiro.ini");
SecurityManager securityManager = factory.getInstance(); SecurityUtils.setSecurityManager(securityManager);
At first glance, it appears working fine, but when a user pushed the reload button in the browser, SecurityUtils.getSubject() appears to always creates a new Subject instance and isAuthenticated() returns false.
What I already evaluated, is that the servlet sessionid, which I can get with RWT.getRequest().getSession().getId() remains identical, while the
Subject.getSession().getId() has changed. Also, the
SecurityUtils.getSubject() implementation appears to be bound to the current thread, so I think if a new request would be processed within another thread by the servlet container (Jetty 8, as included in eclipse juno here), it is logical that getSubject() can not retrieve the former session info, because this is bound to another thread.
Did anybody achieved to get Eclipse RAP and Shiro working properly together ?
And, as I am quite new to all that OSGI and servlet containter stuff, is there a way to manage that configuring shiro filters or listeners will work out of the box within my Eclipse Juno environment ?
Thanks
Lutz