You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by shan <sh...@gmail.com> on 2014/07/15 17:45:44 UTC
Re: Embedded web server startup and static SecurityManager
Stephen, thanks for the code snippet - one question though, where in this
mechanism are you inserting your custom Realm into the Security Manager?
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Embedded-web-server-startup-and-static-SecurityManager-tp7579754p7580084.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Embedded web server startup and static SecurityManager
Posted by Shan Syed <sh...@gmail.com>.
thanks guys
I really hope 2.0 favours composition :)
chasing functionality through class hierarchy is a young man's game
On Thu, Jul 17, 2014 at 8:50 AM, Stephen Colebourne <sc...@joda.org>
wrote:
> The security manager is setup once up front including the realms.
>
> Imagine a main method that did this:
> - setup realm connected to database
> - setup static security manager
> - start embedded Jetty
> - embedded jetty re-uses the previously setup static security manager
>
> The example code shows how hard I found it to get the static security
> manager re-used in the web environment.
>
> Stephen
>
>
> On 15 July 2014 16:45, shan <sh...@gmail.com> wrote:
> > Stephen, thanks for the code snippet - one question though, where in this
> > mechanism are you inserting your custom Realm into the Security Manager?
> >
> >
> >
> > --
> > View this message in context:
> http://shiro-user.582556.n2.nabble.com/Embedded-web-server-startup-and-static-SecurityManager-tp7579754p7580084.html
> > Sent from the Shiro User mailing list archive at Nabble.com.
>
Re: Embedded web server startup and static SecurityManager
Posted by Stephen Colebourne <sc...@joda.org>.
The security manager is setup once up front including the realms.
Imagine a main method that did this:
- setup realm connected to database
- setup static security manager
- start embedded Jetty
- embedded jetty re-uses the previously setup static security manager
The example code shows how hard I found it to get the static security
manager re-used in the web environment.
Stephen
On 15 July 2014 16:45, shan <sh...@gmail.com> wrote:
> Stephen, thanks for the code snippet - one question though, where in this
> mechanism are you inserting your custom Realm into the Security Manager?
>
>
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Embedded-web-server-startup-and-static-SecurityManager-tp7579754p7580084.html
> Sent from the Shiro User mailing list archive at Nabble.com.
Re: Embedded web server startup and static SecurityManager
Posted by domfarr <do...@gmail.com>.
Here is what I use in my embedded server app. Hope this helps.
public class ShiroEnvironmentListener implements ServletContextListener {
private final RosserApplicationConfiguration configuration;
private final EnvironmentLoaderListener environmentLoaderListener;
private final Realm rosserRealm;
private final SystemAudit systemAudit;
private final CustomerFolderDAO customerFolderDAO;
public ShiroEnvironmentListener(RosserApplicationConfiguration
configuration, EnvironmentLoaderListener environmentLoaderListener, Realm
rosserRealm, SystemAudit systemAudit, CustomerFolderDAO customerFolderDAO) {
this.configuration = configuration;
this.environmentLoaderListener = environmentLoaderListener;
this.rosserRealm = rosserRealm;
this.systemAudit = systemAudit;
this.customerFolderDAO = customerFolderDAO;
}
@Override
public void contextInitialized(ServletContextEvent sce) {
ServletContext servletContext = sce.getServletContext();
servletContext.setInitParameter("shiroConfigLocations",
configuration.getShiroConfigLocations());
environmentLoaderListener.contextInitialized(sce);
WebEnvironment webEnvironment =
WebUtils.getWebEnvironment(servletContext);
WebSecurityManager webSecurityManager =
webEnvironment.getWebSecurityManager();
((RealmSecurityManager) webSecurityManager).setRealm(rosserRealm);
ModularRealmAuthenticator authenticator =
(ModularRealmAuthenticator) ((DefaultWebSecurityManager)
webSecurityManager).getAuthenticator();
authenticator.setAuthenticationListeners(Lists.<AuthenticationListener>newArrayList(new
SystemAuditAuthenticationListener(systemAudit, customerFolderDAO)));
}
@Override
public void contextDestroyed(ServletContextEvent sce) {
environmentLoaderListener.contextDestroyed(sce);
}
}
shan wrote
> Stephen, thanks for the code snippet - one question though, where in this
> mechanism are you inserting your custom Realm into the Security Manager?
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Embedded-web-server-startup-and-static-SecurityManager-tp7579754p7580089.html
Sent from the Shiro User mailing list archive at Nabble.com.