You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@isis.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2014/01/23 23:17:50 UTC

[jira] [Commented] (ISIS-656) Roles not setup when using Shiro

    [ https://issues.apache.org/jira/browse/ISIS-656?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13880436#comment-13880436 ] 

ASF subversion and git services commented on ISIS-656:
------------------------------------------------------

Commit 5a7379335f59e408b5a28ceb488e2d3ef6e65a03 in branch refs/heads/master from [~danhaywood]
[ https://git-wip-us.apache.org/repos/asf?p=isis.git;h=5a73793 ]

ISIS-656: fixing role memento for shiro


> Roles not setup when using Shiro
> --------------------------------
>
>                 Key: ISIS-656
>                 URL: https://issues.apache.org/jira/browse/ISIS-656
>             Project: Isis
>          Issue Type: New Feature
>          Components: Security: Shiro
>    Affects Versions: security-shiro-1.3.0
>            Reporter: Dan Haywood
>            Assignee: Dan Haywood
>             Fix For: security-shiro-1.4.0
>
>
> as per http://markmail.org/thread/3diasqoulbujpeom
> The problem turns out to be a missing "!" in the ShiroAuthenticatorOrAuthorizor.
>          final Collection<Realm> realms = securityManager.getRealms();
>          for (final Realm realm : realms) {
> -            if(realm.supports(token)) {
> +            if(!realm.supports(token)) {
>                  continue;
>              }
>              ...
>          }
> with this fix, and with shiro.ini as configured per [1] pointing at realms [2] and [3], then the following code:
> for (RoleMemento rm:container.getUser().getRoles()) {
>     LOG.info("ROLE: "+rm.getName());
> }
> for 'sven' logs:
> 21:46:10,279  [ToDoItem             2125139315@qtp-71626409-4 INFO ]  ROLE: realm1:admin_role
> 21:46:10,279  [ToDoItem             2125139315@qtp-71626409-4 INFO ]  ROLE: org.apache.isis.viewer.wicket.roles.USER
> while for 'dick' logs:
> 21:51:07,062  [ToDoItem             503033028@qtp-71626409-0 INFO ]  ROLE: realm1:user_role
> 21:51:07,062  [ToDoItem             503033028@qtp-71626409-0 INFO ]  ROLE: realm1:self-install_role
> 21:51:07,062  [ToDoItem             503033028@qtp-71626409-0 INFO ]  ROLE: realm1:analysis_role
> 21:51:07,062  [ToDoItem             503033028@qtp-71626409-0 INFO ]  ROLE: org.apache.isis.viewer.wicket.roles.USER
> [1] https://github.com/apache/isis/blob/ad16b962928715e343369b00d8a42cd12c9bd79b/example/application/quickstart_wicket_restful_jdo/webapp/src/main/webapp/WEB-INF/shiro.ini#L73
> [2] https://github.com/apache/isis/blob/ad16b962928715e343369b00d8a42cd12c9bd79b/example/application/quickstart_wicket_restful_jdo/webapp/src/main/resources/webapp/realm1.ini
> [3] https://github.com/apache/isis/blob/ad16b962928715e343369b00d8a42cd12c9bd79b/example/application/quickstart_wicket_restful_jdo/webapp/src/main/resources/webapp/realm2.ini



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)