You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@isis.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2014/01/23 23:17:50 UTC
[jira] [Commented] (ISIS-656) Roles not setup when using Shiro
[ https://issues.apache.org/jira/browse/ISIS-656?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13880436#comment-13880436 ]
ASF subversion and git services commented on ISIS-656:
------------------------------------------------------
Commit 5a7379335f59e408b5a28ceb488e2d3ef6e65a03 in branch refs/heads/master from [~danhaywood]
[ https://git-wip-us.apache.org/repos/asf?p=isis.git;h=5a73793 ]
ISIS-656: fixing role memento for shiro
> Roles not setup when using Shiro
> --------------------------------
>
> Key: ISIS-656
> URL: https://issues.apache.org/jira/browse/ISIS-656
> Project: Isis
> Issue Type: New Feature
> Components: Security: Shiro
> Affects Versions: security-shiro-1.3.0
> Reporter: Dan Haywood
> Assignee: Dan Haywood
> Fix For: security-shiro-1.4.0
>
>
> as per http://markmail.org/thread/3diasqoulbujpeom
> The problem turns out to be a missing "!" in the ShiroAuthenticatorOrAuthorizor.
> final Collection<Realm> realms = securityManager.getRealms();
> for (final Realm realm : realms) {
> - if(realm.supports(token)) {
> + if(!realm.supports(token)) {
> continue;
> }
> ...
> }
> with this fix, and with shiro.ini as configured per [1] pointing at realms [2] and [3], then the following code:
> for (RoleMemento rm:container.getUser().getRoles()) {
> LOG.info("ROLE: "+rm.getName());
> }
> for 'sven' logs:
> 21:46:10,279 [ToDoItem 2125139315@qtp-71626409-4 INFO ] ROLE: realm1:admin_role
> 21:46:10,279 [ToDoItem 2125139315@qtp-71626409-4 INFO ] ROLE: org.apache.isis.viewer.wicket.roles.USER
> while for 'dick' logs:
> 21:51:07,062 [ToDoItem 503033028@qtp-71626409-0 INFO ] ROLE: realm1:user_role
> 21:51:07,062 [ToDoItem 503033028@qtp-71626409-0 INFO ] ROLE: realm1:self-install_role
> 21:51:07,062 [ToDoItem 503033028@qtp-71626409-0 INFO ] ROLE: realm1:analysis_role
> 21:51:07,062 [ToDoItem 503033028@qtp-71626409-0 INFO ] ROLE: org.apache.isis.viewer.wicket.roles.USER
> [1] https://github.com/apache/isis/blob/ad16b962928715e343369b00d8a42cd12c9bd79b/example/application/quickstart_wicket_restful_jdo/webapp/src/main/webapp/WEB-INF/shiro.ini#L73
> [2] https://github.com/apache/isis/blob/ad16b962928715e343369b00d8a42cd12c9bd79b/example/application/quickstart_wicket_restful_jdo/webapp/src/main/resources/webapp/realm1.ini
> [3] https://github.com/apache/isis/blob/ad16b962928715e343369b00d8a42cd12c9bd79b/example/application/quickstart_wicket_restful_jdo/webapp/src/main/resources/webapp/realm2.ini
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)