You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by Simeó Reig <si...@grupoincofisa.com> on 2017/02/23 12:25:07 UTC
Shiro can't see Omnifaces ExtensionlessURLs rewrited urls
We have the JSF shiro project working smoothless, now we would like to
add Omnifaces ExtensionlessURLs but now shiro complains because it's not
able to search login (without .xhtml extension) page when
authentification mechanism is triggered.
prettyfaces solution
(http://www.ocpsoft.org/support/topic/rewrite-apache-shiro/)
How we can achive it?
Thanks in advance
-------------
pom.xml
-------------
<dependency>
<groupId>javax</groupId>
<artifactId>javaee-web-api</artifactId>
<version>7.0</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.4.0-RC2</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>1.4.0-RC2</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-faces</artifactId>
<version>2.0</version>
</dependency>
<dependency>
<groupId>org.omnifaces</groupId>
<artifactId>omnifaces</artifactId>
<version>2.6</version>
</dependency>
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>org.primefaces</groupId>
<artifactId>primefaces</artifactId>
<version>6.0</version>
</dependency>
-------------
shiro.ini
-------------
[main]
authc.loginUrl = /faces/login.xhtml (we tried to without extension
unsuccessfuly)
user.loginUrl = /faces/login.xhtml
adronicaRealm = com.mycompany.shirofaces.AdronicaRealm
authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
securityManager.rememberMeManager.cookie.name = shiroTest
securityManager.realms = $adronicaRealm
[urls]
/faces/admin/index.xhtml=user
/faces/admin/protected.xhtml = user,roles[admin]
-------------
web.xml
-------------
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<context-param>
<param-name>shiroConfigLocations</param-name>
<param-value>/WEB-INF/shiro.ini</param-value>
</context-param>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Viewpoint Secure URLs</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<listener>
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>
<context-param>
<param-name>org.omnifaces.FACES_VIEWS_SCAN_PATHS</param-name>
<param-value>/*.xhtml/*</param-value>
</context-param>
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
<welcome-file-list>
<welcome-file>faces/welcome.xhtml</welcome-file>
</welcome-file-list>
Re: Each redeploy deletes rememberMe cookies
Posted by Lenny Primak <lp...@hope.nyc.ny.us>.
Shiro does not remove cookies on redeploy.
Not sure what your issue is, but it’s not Shiro removing anything
> On Feb 23, 2017, at 11:41 AM, Simeó Reig <si...@grupoincofisa.com> wrote:
>
> How can we avoid to shiro removes all rememberMe cookies on each redeploy?
>
> We have implemented a custom realm, we thougth it was because we haven't setted serialVersionUID in oir User pojo, but neither work with it
>
> Thanks again
>
> Simeo Reig
>
>
>
> Shiro.ini
>
> [main]
> authc.loginUrl = /login
> user.loginUrl = /login
>
> adronicaRealm = com.mycompany.shirofaces.AdronicaRealm
>
> authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
> securityManager.rememberMeManager.cookie.name = shiroTest
> securityManager.realms = $adronicaRealm
>
> [roles]
> admin = *
> user = usuaris:* , ventes:edicio, ventes:delete
> user_grant = ventes:canvi
>
> [urls]
> / = anon
> /welcome = anon
> /login = user
> /admin/** = user
>
>
>
>
>
>
>
Each redeploy deletes rememberMe cookies
Posted by Simeó Reig <si...@grupoincofisa.com>.
How can we avoid to shiro removes all rememberMe cookies on each
redeploy?
We have implemented a custom realm, we thougth it was because we haven't
setted serialVersionUID in oir User pojo, but neither work with it
Thanks again
Simeo Reig
Shiro.ini
[main]
authc.loginUrl = /login
user.loginUrl = /login
adronicaRealm = com.mycompany.shirofaces.AdronicaRealm
authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
securityManager.rememberMeManager.cookie.name = shiroTest
securityManager.realms = $adronicaRealm
[roles]
admin = *
user = usuaris:* , ventes:edicio, ventes:delete
user_grant = ventes:canvi
[urls]
/ = anon
/welcome = anon
/login = user
/admin/** = user
Re: Shiro can't see Omnifaces ExtensionlessURLs rewrited urls
Posted by Simeó Reig <si...@grupoincofisa.com>.
Sorry, it was my fault ... I forgot that I haven't changed URL form
login
Sorry again :-(
--
My best regards
Simeo Reig
> I have been able to achieve extensionless URLs with no issues. Can you post your config files with the extensionless setup enabled and what errors you are getting
>
> On Feb 23, 2017, at 6:25 AM, Sime� Reig <si...@grupoincofisa.com> wrote:
>
>> We have the JSF shiro project working smoothless, now we would like to add Omnifaces ExtensionlessURLs but now shiro complains because it's not able to search login (without .xhtml extension) page when authentification mechanism is triggered.
>>
>> prettyfaces solution (http://www.ocpsoft.org/support/topic/rewrite-apache-shiro/)
>>
>> How we can achive it?
>>
>> Thanks in advance
>>
>> -------------
>>
>> pom.xml
>>
>> -------------
>>
>> <dependency>
>> <groupId>javax</groupId>
>> <artifactId>javaee-web-api</artifactId>
>> <version>7.0</version>
>> <scope>provided</scope>
>> </dependency>
>>
>> <dependency>
>> <groupId>org.apache.shiro</groupId>
>> <artifactId>shiro-core</artifactId>
>> <version>1.4.0-RC2</version>
>> </dependency>
>>
>> <dependency>
>> <groupId>org.apache.shiro</groupId>
>> <artifactId>shiro-web</artifactId>
>> <version>1.4.0-RC2</version>
>> </dependency>
>>
>> <dependency>
>> <groupId>org.apache.shiro</groupId>
>> <artifactId>shiro-faces</artifactId>
>> <version>2.0</version>
>> </dependency>
>>
>> <dependency>
>> <groupId>org.omnifaces</groupId>
>> <artifactId>omnifaces</artifactId>
>> <version>2.6</version>
>> </dependency>
>>
>> <dependency>
>> <groupId>commons-logging</groupId>
>> <artifactId>commons-logging</artifactId>
>> <version>1.2</version>
>> </dependency>
>>
>> <dependency>
>> <groupId>org.primefaces</groupId>
>> <artifactId>primefaces</artifactId>
>> <version>6.0</version>
>> </dependency>
>>
>> -------------
>>
>> shiro.ini
>>
>> -------------
>>
>> [main]
>> authc.loginUrl = /faces/login.xhtml (we tried to without extension unsuccessfuly)
>> user.loginUrl = /faces/login.xhtml
>>
>> adronicaRealm = com.mycompany.shirofaces.AdronicaRealm
>>
>> authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
>> securityManager.rememberMeManager.cookie.name = shiroTest
>> securityManager.realms = $adronicaRealm
>>
>> [urls]
>> /faces/admin/index.xhtml=user
>> /faces/admin/protected.xhtml = user,roles[admin]
>>
>> -------------
>>
>> web.xml
>>
>> -------------
>>
>> <?xml version="1.0" encoding="UTF-8"?>
>> <web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
>> <context-param>
>> <param-name>javax.faces.PROJECT_STAGE</param-name>
>> <param-value>Development</param-value>
>> </context-param>
>>
>> <context-param>
>> <param-name>shiroConfigLocations</param-name>
>> <param-value>/WEB-INF/shiro.ini</param-value>
>> </context-param>
>>
>> <servlet>
>> <servlet-name>Faces Servlet</servlet-name>
>> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
>> <load-on-startup>1</load-on-startup>
>> </servlet>
>> <servlet-mapping>
>> <servlet-name>Faces Servlet</servlet-name>
>> <url-pattern>/faces/*</url-pattern>
>> </servlet-mapping>
>> <session-config>
>> <session-timeout>
>> 30
>> </session-timeout>
>> </session-config>
>>
>> <security-constraint>
>> <web-resource-collection>
>> <web-resource-name>Viewpoint Secure URLs</web-resource-name>
>> <url-pattern>/*</url-pattern>
>> </web-resource-collection>
>> <user-data-constraint>
>> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>> </user-data-constraint>
>> </security-constraint>
>>
>> <listener>
>> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
>> </listener>
>>
>> <context-param>
>> <param-name>org.omnifaces.FACES_VIEWS_SCAN_PATHS</param-name>
>> <param-value>/*.xhtml/*</param-value>
>> </context-param>
>>
>> <filter>
>> <filter-name>shiroFilter</filter-name>
>> <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
>> </filter>
>> <filter-mapping>
>> <filter-name>shiroFilter</filter-name>
>> <url-pattern>/*</url-pattern>
>> <dispatcher>REQUEST</dispatcher>
>> <dispatcher>FORWARD</dispatcher>
>> <dispatcher>INCLUDE</dispatcher>
>> <dispatcher>ERROR</dispatcher>
>> </filter-mapping>
>>
>> <welcome-file-list>
>> <welcome-file>faces/welcome.xhtml</welcome-file>
>> </welcome-file-list>
Re: Shiro can't see Omnifaces ExtensionlessURLs rewrited urls
Posted by Lenny Primak <lp...@hope.nyc.ny.us>.
I have been able to achieve extensionless URLs with no issues. Can you post your config files with the extensionless setup enabled and what errors you are getting
> On Feb 23, 2017, at 6:25 AM, Simeó Reig <si...@grupoincofisa.com> wrote:
>
> We have the JSF shiro project working smoothless, now we would like to add Omnifaces ExtensionlessURLs but now shiro complains because it's not able to search login (without .xhtml extension) page when authentification mechanism is triggered.
>
> prettyfaces solution (http://www.ocpsoft.org/support/topic/rewrite-apache-shiro/)
>
> How we can achive it?
>
> Thanks in advance
>
>
>
> -------------
>
> pom.xml
>
> -------------
>
> <dependency>
> <groupId>javax</groupId>
> <artifactId>javaee-web-api</artifactId>
> <version>7.0</version>
> <scope>provided</scope>
> </dependency>
>
> <dependency>
> <groupId>org.apache.shiro</groupId>
> <artifactId>shiro-core</artifactId>
> <version>1.4.0-RC2</version>
> </dependency>
>
> <dependency>
> <groupId>org.apache.shiro</groupId>
> <artifactId>shiro-web</artifactId>
> <version>1.4.0-RC2</version>
> </dependency>
>
> <dependency>
> <groupId>org.apache.shiro</groupId>
> <artifactId>shiro-faces</artifactId>
> <version>2.0</version>
> </dependency>
>
> <dependency>
> <groupId>org.omnifaces</groupId>
> <artifactId>omnifaces</artifactId>
> <version>2.6</version>
> </dependency>
>
> <dependency>
> <groupId>commons-logging</groupId>
> <artifactId>commons-logging</artifactId>
> <version>1.2</version>
> </dependency>
>
> <dependency>
> <groupId>org.primefaces</groupId>
> <artifactId>primefaces</artifactId>
> <version>6.0</version>
> </dependency>
>
>
> -------------
>
> shiro.ini
>
> -------------
>
>
>
> [main]
> authc.loginUrl = /faces/login.xhtml (we tried to without extension unsuccessfuly)
> user.loginUrl = /faces/login.xhtml
>
> adronicaRealm = com.mycompany.shirofaces.AdronicaRealm
>
> authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
> securityManager.rememberMeManager.cookie.name = shiroTest
> securityManager.realms = $adronicaRealm
>
>
> [urls]
> /faces/admin/index.xhtml=user
> /faces/admin/protected.xhtml = user,roles[admin]
>
>
> -------------
>
> web.xml
>
> -------------
>
>
>
> <?xml version="1.0" encoding="UTF-8"?>
> <web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
> <context-param>
> <param-name>javax.faces.PROJECT_STAGE</param-name>
> <param-value>Development</param-value>
> </context-param>
>
> <context-param>
> <param-name>shiroConfigLocations</param-name>
> <param-value>/WEB-INF/shiro.ini</param-value>
> </context-param>
>
> <servlet>
> <servlet-name>Faces Servlet</servlet-name>
> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
> <load-on-startup>1</load-on-startup>
> </servlet>
> <servlet-mapping>
> <servlet-name>Faces Servlet</servlet-name>
> <url-pattern>/faces/*</url-pattern>
> </servlet-mapping>
> <session-config>
> <session-timeout>
> 30
> </session-timeout>
> </session-config>
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Viewpoint Secure URLs</web-resource-name>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
>
>
>
>
> <listener>
> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
> </listener>
>
>
> <context-param>
> <param-name>org.omnifaces.FACES_VIEWS_SCAN_PATHS</param-name>
> <param-value>/*.xhtml/*</param-value>
> </context-param>
>
>
> <filter>
> <filter-name>shiroFilter</filter-name>
> <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
> </filter>
> <filter-mapping>
> <filter-name>shiroFilter</filter-name>
> <url-pattern>/*</url-pattern>
> <dispatcher>REQUEST</dispatcher>
> <dispatcher>FORWARD</dispatcher>
> <dispatcher>INCLUDE</dispatcher>
> <dispatcher>ERROR</dispatcher>
> </filter-mapping>
>
> <welcome-file-list>
> <welcome-file>faces/welcome.xhtml</welcome-file>
> </welcome-file-list>
Re: Shiro can't see Omnifaces ExtensionlessURLs rewrited urls
Posted by Simeó Reig <si...@grupoincofisa.com>.
Sorry, it was my fault ... I forgot that I haven't changed URL form
login
Sorry again :-(
--
My best regards
Simeo Reig
> What URL maps to your login page?
>
> On Thu, Feb 23, 2017 at 7:25 AM, Sime� Reig <si...@grupoincofisa.com> wrote:
>
>> We have the JSF shiro project working smoothless, now we would like to add Omnifaces ExtensionlessURLs but now shiro complains because it's not able to search login (without .xhtml extension) page when authentification mechanism is triggered.
>>
>> prettyfaces solution (http://www.ocpsoft.org/support/topic/rewrite-apache-shiro/ [4])
>>
>> How we can achive it?
>>
>> Thanks in advance
>>
>> -------------
>>
>> pom.xml
>>
>> -------------
>>
>> <dependency>
>> <groupId>javax</groupId>
>> <artifactId>javaee-web-api</artifactId>
>> <version>7.0</version>
>> <scope>provided</scope>
>> </dependency>
>>
>> <dependency>
>> <groupId>org.apache.shiro</groupId>
>> <artifactId>shiro-core</artifactId>
>> <version>1.4.0-RC2</version>
>> </dependency>
>>
>> <dependency>
>> <groupId>org.apache.shiro</groupId>
>> <artifactId>shiro-web</artifactId>
>> <version>1.4.0-RC2</version>
>> </dependency>
>>
>> <dependency>
>> <groupId>org.apache.shiro</groupId>
>> <artifactId>shiro-faces</artifactId>
>> <version>2.0</version>
>> </dependency>
>>
>> <dependency>
>> <groupId>org.omnifaces</groupId>
>> <artifactId>omnifaces</artifactId>
>> <version>2.6</version>
>> </dependency>
>>
>> <dependency>
>> <groupId>commons-logging</groupId>
>> <artifactId>commons-logging</artifactId>
>> <version>1.2</version>
>> </dependency>
>>
>> <dependency>
>> <groupId>org.primefaces</groupId>
>> <artifactId>primefaces</artifactId>
>> <version>6.0</version>
>> </dependency>
>>
>> -------------
>>
>> shiro.ini
>>
>> -------------
>>
>> [main]
>> authc.loginUrl = /faces/login.xhtml (we tried to without extension unsuccessfuly)
>> user.loginUrl = /faces/login.xhtml
>>
>> adronicaRealm = com.mycompany.shirofaces.AdronicaRealm
>>
>> authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
>> securityManager.rememberMeManager.cookie.name = shiroTest
>> securityManager.realms = $adronicaRealm
>>
>> [urls]
>> /faces/admin/index.xhtml=user
>> /faces/admin/protected.xhtml = user,roles[admin]
>>
>> -------------
>>
>> web.xml
>>
>> -------------
>>
>> <?xml version="1.0" encoding="UTF-8"?>
>> <web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee [1]" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance [2]" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee [1] http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd [3]">
>> <context-param>
>> <param-name>javax.faces.PROJECT_STAGE</param-name>
>> <param-value>Development</param-value>
>> </context-param>
>>
>> <context-param>
>> <param-name>shiroConfigLocations</param-name>
>> <param-value>/WEB-INF/shiro.ini</param-value>
>> </context-param>
>>
>> <servlet>
>> <servlet-name>Faces Servlet</servlet-name>
>> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
>> <load-on-startup>1</load-on-startup>
>> </servlet>
>> <servlet-mapping>
>> <servlet-name>Faces Servlet</servlet-name>
>> <url-pattern>/faces/*</url-pattern>
>> </servlet-mapping>
>> <session-config>
>> <session-timeout>
>> 30
>> </session-timeout>
>> </session-config>
>>
>> <security-constraint>
>> <web-resource-collection>
>> <web-resource-name>Viewpoint Secure URLs</web-resource-name>
>> <url-pattern>/*</url-pattern>
>> </web-resource-collection>
>> <user-data-constraint>
>> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>> </user-data-constraint>
>> </security-constraint>
>>
>> <listener>
>> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
>> </listener>
>>
>> <context-param>
>> <param-name>org.omnifaces.FACES_VIEWS_SCAN_PATHS</param-name>
>> <param-value>/*.xhtml/*</param-value>
>> </context-param>
>>
>> <filter>
>> <filter-name>shiroFilter</filter-name>
>> <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
>> </filter>
>> <filter-mapping>
>> <filter-name>shiroFilter</filter-name>
>> <url-pattern>/*</url-pattern>
>> <dispatcher>REQUEST</dispatcher>
>> <dispatcher>FORWARD</dispatcher>
>> <dispatcher>INCLUDE</dispatcher>
>> <dispatcher>ERROR</dispatcher>
>> </filter-mapping>
>>
>> <welcome-file-list>
>> <welcome-file>faces/welcome.xhtml</welcome-file>
>> </welcome-file-list>
Links:
------
[1] http://xmlns.jcp.org/xml/ns/javaee
[2] http://www.w3.org/2001/XMLSchema-instance
[3] http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd
[4] http://www.ocpsoft.org/support/topic/rewrite-apache-shiro/
Re: Shiro can't see Omnifaces ExtensionlessURLs rewrited urls
Posted by Brian Demers <br...@gmail.com>.
What URL maps to your login page?
On Thu, Feb 23, 2017 at 7:25 AM, Simeó Reig <si...@grupoincofisa.com>
wrote:
> We have the JSF shiro project working smoothless, now we would like to add
> Omnifaces ExtensionlessURLs but now shiro complains because it's not able
> to search login (without .xhtml extension) page when authentification
> mechanism is triggered.
>
> prettyfaces solution (http://www.ocpsoft.org/support/topic/rewrite-apache-
> shiro/)
>
> How we can achive it?
>
> Thanks in advance
>
>
> -------------
>
> pom.xml
>
> -------------
>
> <dependency>
> <groupId>javax</groupId>
> <artifactId>javaee-web-api</artifactId>
> <version>7.0</version>
> <scope>provided</scope>
> </dependency>
>
> <dependency>
> <groupId>org.apache.shiro</groupId>
> <artifactId>shiro-core</artifactId>
> <version>1.4.0-RC2</version>
> </dependency>
>
> <dependency>
> <groupId>org.apache.shiro</groupId>
> <artifactId>shiro-web</artifactId>
> <version>1.4.0-RC2</version>
> </dependency>
>
> <dependency>
> <groupId>org.apache.shiro</groupId>
> <artifactId>shiro-faces</artifactId>
> <version>2.0</version>
> </dependency>
>
> <dependency>
> <groupId>org.omnifaces</groupId>
> <artifactId>omnifaces</artifactId>
> <version>2.6</version>
> </dependency>
>
> <dependency>
> <groupId>commons-logging</groupId>
> <artifactId>commons-logging</artifactId>
> <version>1.2</version>
> </dependency>
>
> <dependency>
> <groupId>org.primefaces</groupId>
> <artifactId>primefaces</artifactId>
> <version>6.0</version>
> </dependency>
>
>
> -------------
>
> shiro.ini
>
> -------------
>
>
> [main]
> authc.loginUrl = /faces/login.xhtml (we tried to without extension unsuccessfuly)
> user.loginUrl = /faces/login.xhtml
>
> adronicaRealm = com.mycompany.shirofaces.AdronicaRealm
>
> authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
> securityManager.rememberMeManager.cookie.name = shiroTest
> securityManager.realms = $adronicaRealm
>
> [urls]/faces/admin/index.xhtml=user/faces/admin/protected.xhtml = user,roles[admin]
>
>
> -------------
>
> web.xml
>
> -------------
>
>
> <?xml version="1.0" encoding="UTF-8"?><web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"><context-param>
> <param-name>javax.faces.PROJECT_STAGE</param-name>
> <param-value>Development</param-value></context-param>
> <context-param>
> <param-name>shiroConfigLocations</param-name>
> <param-value>/WEB-INF/shiro.ini</param-value> </context-param>
> <servlet>
> <servlet-name>Faces Servlet</servlet-name>
> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
> <load-on-startup>1</load-on-startup></servlet><servlet-mapping>
> <servlet-name>Faces Servlet</servlet-name>
> <url-pattern>/faces/*</url-pattern></servlet-mapping><session-config>
> <session-timeout>
> 30
> </session-timeout></session-config>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Viewpoint Secure URLs</web-resource-name>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint></security-constraint>
>
>
>
> <listener>
> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class></listener>
>
> <context-param>
> <param-name>org.omnifaces.FACES_VIEWS_SCAN_PATHS</param-name>
> <param-value>/*.xhtml/*</param-value></context-param>
>
> <filter>
> <filter-name>shiroFilter</filter-name>
> <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class></filter><filter-mapping>
> <filter-name>shiroFilter</filter-name>
> <url-pattern>/*</url-pattern>
> <dispatcher>REQUEST</dispatcher>
> <dispatcher>FORWARD</dispatcher>
> <dispatcher>INCLUDE</dispatcher>
> <dispatcher>ERROR</dispatcher></filter-mapping>
> <welcome-file-list>
> <welcome-file>faces/welcome.xhtml</welcome-file></welcome-file-list>
>
>