You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by "jeremias.eppler@web.de" <je...@web.de> on 2014/06/09 11:56:14 UTC
Tapestry Security: transform shiro.ini to Tapestry Security
Hello,
I have a problem with Tapestry Security and I hope it is okay if I ask
the question over the tapestry mailing list.
My Problem is that I don't know how I can transform my working shiro.ini
to Tapestry Security.
I use Apache Shiro, allready for the desktop part of my application, but
I need also a small webapplication part.
The application, is a university course project and schould show, how
flexibel a tier architecture is.
Here my shiro.ini:
[main]
# Own Realm
busMasterHibernateRealm =
fhv.at.year2014.sem4.teamc.busmaster.security.shiro.auth.BusmasterCustomRealm
#Hashfunction used for password checking
sha512CredentialsMatcher =
org.apache.shiro.authc.credential.Sha512CredentialsMatcher
# base64 encoding, not hex in this example:
sha512CredentialsMatcher.storedCredentialsHexEncoded = false
sha512CredentialsMatcher.hashIterations = 2048
#Set the crediental matcher for the realm
busMasterHibernateRealm.credentialsMatcher = $sha512CredentialsMatcher
# Use Built-in Chache Manager
builtInCacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $builtInCacheManager
#Set the active realms for shiro
securityManager.realms = $busMasterHibernateRealm
what I figured out allready is that I have to configure Tapestry
Security in the myapp.services.AppModule
import org.apache.shiro.realm.Realm;
import org.apache.shiro.web.mgt.WebSecurityManager;
import org.apache.tapestry5.ioc.Configuration;
import org.apache.tapestry5.ioc.MappedConfiguration;
import org.apache.tapestry5.ioc.annotations.Contribute;
import org.tynamo.security.SecuritySymbols;
import org.tynamo.security.services.SecurityFilterChainFactory;
import org.tynamo.security.services.impl.SecurityFilterChain;
import fhv.at.year2014.sem4.teamc.busmaster.hibernate.HibernateUtil;
import
fhv.at.year2014.sem4.teamc.busmaster.security.shiro.auth.BusmasterCustomRealm;
public class AppModule {
@Contribute( WebSecurityManager.class )
public static void addRealms( Configuration<Realm> configuration ) {
BusmasterCustomRealm realm = new BusmasterCustomRealm();
configuration.add(realm);
}
public static void contributeSecurityConfiguration(
Configuration<SecurityFilterChain> configuration,
SecurityFilterChainFactory factory ) {
// /authc/** rule covers /authc , /authc?q=name /authc#anchor
urls as well
configuration.add(factory.createChain( "/authc/**" ).add(
factory.authc()).build() );
}
public static void contributeApplicationDefaults(
MappedConfiguration<String, String> configuration )
{
// Tynamo's tapestry-security module configuration
configuration.add( SecuritySymbols.LOGIN_URL, "/Login" );
configuration.add( SecuritySymbols.SUCCESS_URL, "/Dashboard" );
//I don't know if this is a good idea
HibernateUtil.getSessionFactory().getCurrentSession();
}
}
So, can anybody help me?
My greatest problem is how can configure the sha512CredentialsMatcher in
the AppModule.java?
Regards
Jeremias
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Tapestry Security: transform shiro.ini to Tapestry Security
Posted by Kalle Korhonen <ka...@gmail.com>.
Yes, asking on this list is fine. It's all Java. You can simply call the
setter:
setCredentialsMatcher(new
HashedCredentialsMatcher(Sha512Hash.ALGORITHM_NAME));
It makes the most sense to me to call it from the constructor of your
realm, but you can also call it from outside.
Kalle
On Mon, Jun 9, 2014 at 2:56 AM, jeremias.eppler@web.de <
jeremias.eppler@web.de> wrote:
> Hello,
>
> I have a problem with Tapestry Security and I hope it is okay if I ask
> the question over the tapestry mailing list.
> My Problem is that I don't know how I can transform my working shiro.ini
> to Tapestry Security.
>
> I use Apache Shiro, allready for the desktop part of my application, but
> I need also a small webapplication part.
> The application, is a university course project and schould show, how
> flexibel a tier architecture is.
>
> Here my shiro.ini:
>
> [main]
> # Own Realm
> busMasterHibernateRealm =
>
> fhv.at.year2014.sem4.teamc.busmaster.security.shiro.auth.BusmasterCustomRealm
>
> #Hashfunction used for password checking
> sha512CredentialsMatcher =
> org.apache.shiro.authc.credential.Sha512CredentialsMatcher
> # base64 encoding, not hex in this example:
> sha512CredentialsMatcher.storedCredentialsHexEncoded = false
> sha512CredentialsMatcher.hashIterations = 2048
>
> #Set the crediental matcher for the realm
> busMasterHibernateRealm.credentialsMatcher = $sha512CredentialsMatcher
>
> # Use Built-in Chache Manager
> builtInCacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
> securityManager.cacheManager = $builtInCacheManager
>
> #Set the active realms for shiro
> securityManager.realms = $busMasterHibernateRealm
>
> what I figured out allready is that I have to configure Tapestry
> Security in the myapp.services.AppModule
>
> import org.apache.shiro.realm.Realm;
> import org.apache.shiro.web.mgt.WebSecurityManager;
> import org.apache.tapestry5.ioc.Configuration;
> import org.apache.tapestry5.ioc.MappedConfiguration;
> import org.apache.tapestry5.ioc.annotations.Contribute;
> import org.tynamo.security.SecuritySymbols;
> import org.tynamo.security.services.SecurityFilterChainFactory;
> import org.tynamo.security.services.impl.SecurityFilterChain;
>
> import fhv.at.year2014.sem4.teamc.busmaster.hibernate.HibernateUtil;
> import
>
> fhv.at.year2014.sem4.teamc.busmaster.security.shiro.auth.BusmasterCustomRealm;
>
> public class AppModule {
>
> @Contribute( WebSecurityManager.class )
> public static void addRealms( Configuration<Realm> configuration ) {
> BusmasterCustomRealm realm = new BusmasterCustomRealm();
> configuration.add(realm);
> }
>
> public static void contributeSecurityConfiguration(
> Configuration<SecurityFilterChain> configuration,
> SecurityFilterChainFactory factory ) {
> // /authc/** rule covers /authc , /authc?q=name /authc#anchor
> urls as well
> configuration.add(factory.createChain( "/authc/**" ).add(
> factory.authc()).build() );
> }
>
> public static void contributeApplicationDefaults(
> MappedConfiguration<String, String> configuration )
> {
> // Tynamo's tapestry-security module configuration
> configuration.add( SecuritySymbols.LOGIN_URL, "/Login" );
> configuration.add( SecuritySymbols.SUCCESS_URL, "/Dashboard" );
>
> //I don't know if this is a good idea
> HibernateUtil.getSessionFactory().getCurrentSession();
> }
> }
>
> So, can anybody help me?
> My greatest problem is how can configure the sha512CredentialsMatcher in
> the AppModule.java?
>
> Regards
> Jeremias
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>