You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@shiro.apache.org by shan <sh...@gmail.com> on 2014/07/15 17:45:44 UTC

Re: Embedded web server startup and static SecurityManager

Stephen, thanks for the code snippet - one question though, where in this
mechanism are you inserting your custom Realm into the Security Manager?



--
View this message in context: http://shiro-user.582556.n2.nabble.com/Embedded-web-server-startup-and-static-SecurityManager-tp7579754p7580084.html
Sent from the Shiro User mailing list archive at Nabble.com.

Re: Embedded web server startup and static SecurityManager

Posted by Shan Syed <sh...@gmail.com>.

thanks guys

I really hope 2.0 favours composition :)
chasing functionality through class hierarchy is a young man's game



On Thu, Jul 17, 2014 at 8:50 AM, Stephen Colebourne <sc...@joda.org>
wrote:

> The security manager is setup once up front including the realms.
>
> Imagine a main method that did this:
> - setup realm connected to database
> - setup static security manager
> - start embedded Jetty
> - embedded jetty re-uses the previously setup static security manager
>
> The example code shows how hard I found it to get the static security
> manager re-used in the web environment.
>
> Stephen
>
>
> On 15 July 2014 16:45, shan <sh...@gmail.com> wrote:
> > Stephen, thanks for the code snippet - one question though, where in this
> > mechanism are you inserting your custom Realm into the Security Manager?
> >
> >
> >
> > --
> > View this message in context:
> http://shiro-user.582556.n2.nabble.com/Embedded-web-server-startup-and-static-SecurityManager-tp7579754p7580084.html
> > Sent from the Shiro User mailing list archive at Nabble.com.
>

Re: Embedded web server startup and static SecurityManager

Posted by Stephen Colebourne <sc...@joda.org>.

The security manager is setup once up front including the realms.

Imagine a main method that did this:
- setup realm connected to database
- setup static security manager
- start embedded Jetty
- embedded jetty re-uses the previously setup static security manager

The example code shows how hard I found it to get the static security
manager re-used in the web environment.

Stephen


On 15 July 2014 16:45, shan <sh...@gmail.com> wrote:
> Stephen, thanks for the code snippet - one question though, where in this
> mechanism are you inserting your custom Realm into the Security Manager?
>
>
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Embedded-web-server-startup-and-static-SecurityManager-tp7579754p7580084.html
> Sent from the Shiro User mailing list archive at Nabble.com.

Re: Embedded web server startup and static SecurityManager

Posted by domfarr <do...@gmail.com>.

Here is what I use in my embedded server app. Hope this helps.

public class ShiroEnvironmentListener implements ServletContextListener {
    private final RosserApplicationConfiguration configuration;
    private final EnvironmentLoaderListener environmentLoaderListener;
    private final Realm rosserRealm;
    private final SystemAudit systemAudit;
    private final CustomerFolderDAO customerFolderDAO;

    public ShiroEnvironmentListener(RosserApplicationConfiguration
configuration, EnvironmentLoaderListener environmentLoaderListener, Realm
rosserRealm, SystemAudit systemAudit, CustomerFolderDAO customerFolderDAO) {
        this.configuration = configuration;
        this.environmentLoaderListener = environmentLoaderListener;
        this.rosserRealm = rosserRealm;
        this.systemAudit = systemAudit;
        this.customerFolderDAO = customerFolderDAO;
    }

    @Override
    public void contextInitialized(ServletContextEvent sce) {
        ServletContext servletContext = sce.getServletContext();
        servletContext.setInitParameter("shiroConfigLocations",
configuration.getShiroConfigLocations());
        environmentLoaderListener.contextInitialized(sce);
        WebEnvironment webEnvironment =
WebUtils.getWebEnvironment(servletContext);
        WebSecurityManager webSecurityManager =
webEnvironment.getWebSecurityManager();
        ((RealmSecurityManager) webSecurityManager).setRealm(rosserRealm);

        ModularRealmAuthenticator authenticator =
(ModularRealmAuthenticator) ((DefaultWebSecurityManager)
webSecurityManager).getAuthenticator();

       
authenticator.setAuthenticationListeners(Lists.<AuthenticationListener>newArrayList(new
SystemAuditAuthenticationListener(systemAudit, customerFolderDAO)));
    }

    @Override
    public void contextDestroyed(ServletContextEvent sce) {
        environmentLoaderListener.contextDestroyed(sce);
    }

}

shan wrote
> Stephen, thanks for the code snippet - one question though, where in this
> mechanism are you inserting your custom Realm into the Security Manager?





--
View this message in context: http://shiro-user.582556.n2.nabble.com/Embedded-web-server-startup-and-static-SecurityManager-tp7579754p7580089.html
Sent from the Shiro User mailing list archive at Nabble.com.