You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tapestry.apache.org by "jeremias.eppler@web.de" <je...@web.de> on 2014/06/09 11:56:14 UTC

Tapestry Security: transform shiro.ini to Tapestry Security

Hello,

I have a problem with Tapestry Security and I hope it is okay if I ask
the question over the tapestry mailing list.
My Problem is that I don't know how I can transform my working shiro.ini
to Tapestry Security.

I use Apache Shiro, allready for the desktop part of my application, but
I need also a small webapplication part.
The application, is a university course project and schould show, how
flexibel a tier architecture is.

Here my shiro.ini:

[main] 
# Own Realm 
busMasterHibernateRealm =
fhv.at.year2014.sem4.teamc.busmaster.security.shiro.auth.BusmasterCustomRealm
 
#Hashfunction used for password checking
sha512CredentialsMatcher =
org.apache.shiro.authc.credential.Sha512CredentialsMatcher
# base64 encoding, not hex in this example: 
sha512CredentialsMatcher.storedCredentialsHexEncoded = false
sha512CredentialsMatcher.hashIterations = 2048 

#Set the crediental matcher for the realm
busMasterHibernateRealm.credentialsMatcher = $sha512CredentialsMatcher 

# Use Built-in Chache Manager
builtInCacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $builtInCacheManager

#Set the active realms for shiro
securityManager.realms = $busMasterHibernateRealm

what I figured out allready is that I have to configure Tapestry
Security in the myapp.services.AppModule

import org.apache.shiro.realm.Realm;
import org.apache.shiro.web.mgt.WebSecurityManager;
import org.apache.tapestry5.ioc.Configuration;
import org.apache.tapestry5.ioc.MappedConfiguration;
import org.apache.tapestry5.ioc.annotations.Contribute;
import org.tynamo.security.SecuritySymbols;
import org.tynamo.security.services.SecurityFilterChainFactory;
import org.tynamo.security.services.impl.SecurityFilterChain;

import fhv.at.year2014.sem4.teamc.busmaster.hibernate.HibernateUtil;
import
fhv.at.year2014.sem4.teamc.busmaster.security.shiro.auth.BusmasterCustomRealm;

public class AppModule {

    @Contribute( WebSecurityManager.class )
    public static void addRealms( Configuration<Realm> configuration ) {
        BusmasterCustomRealm realm = new BusmasterCustomRealm();
        configuration.add(realm);
    }
   
    public static void contributeSecurityConfiguration(
Configuration<SecurityFilterChain> configuration,
            SecurityFilterChainFactory factory ) {
        // /authc/** rule covers /authc , /authc?q=name /authc#anchor
urls as well
        configuration.add(factory.createChain( "/authc/**" ).add(
factory.authc()).build() );
    }
   
    public static void contributeApplicationDefaults(
MappedConfiguration<String, String> configuration )
    {
        // Tynamo's tapestry-security module configuration
        configuration.add( SecuritySymbols.LOGIN_URL, "/Login" );
        configuration.add( SecuritySymbols.SUCCESS_URL, "/Dashboard" );

        //I don't know if this is a good idea
        HibernateUtil.getSessionFactory().getCurrentSession();
    }
}

So, can anybody help me?
My greatest problem is how can configure the sha512CredentialsMatcher in
the AppModule.java?

Regards
    Jeremias

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

Re: Tapestry Security: transform shiro.ini to Tapestry Security

Posted by Kalle Korhonen <ka...@gmail.com>.

Yes, asking on this list is fine. It's all Java. You can simply call the
setter:
        setCredentialsMatcher(new
HashedCredentialsMatcher(Sha512Hash.ALGORITHM_NAME));

It makes the most sense to me to call it from the constructor of your
realm, but you can also call it from outside.

Kalle


On Mon, Jun 9, 2014 at 2:56 AM, jeremias.eppler@web.de <
jeremias.eppler@web.de> wrote:

> Hello,
>
> I have a problem with Tapestry Security and I hope it is okay if I ask
> the question over the tapestry mailing list.
> My Problem is that I don't know how I can transform my working shiro.ini
> to Tapestry Security.
>
> I use Apache Shiro, allready for the desktop part of my application, but
> I need also a small webapplication part.
> The application, is a university course project and schould show, how
> flexibel a tier architecture is.
>
> Here my shiro.ini:
>
> [main]
> # Own Realm
> busMasterHibernateRealm =
>
> fhv.at.year2014.sem4.teamc.busmaster.security.shiro.auth.BusmasterCustomRealm
>
> #Hashfunction used for password checking
> sha512CredentialsMatcher =
> org.apache.shiro.authc.credential.Sha512CredentialsMatcher
> # base64 encoding, not hex in this example:
> sha512CredentialsMatcher.storedCredentialsHexEncoded = false
> sha512CredentialsMatcher.hashIterations = 2048
>
> #Set the crediental matcher for the realm
> busMasterHibernateRealm.credentialsMatcher = $sha512CredentialsMatcher
>
> # Use Built-in Chache Manager
> builtInCacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
> securityManager.cacheManager = $builtInCacheManager
>
> #Set the active realms for shiro
> securityManager.realms = $busMasterHibernateRealm
>
> what I figured out allready is that I have to configure Tapestry
> Security in the myapp.services.AppModule
>
> import org.apache.shiro.realm.Realm;
> import org.apache.shiro.web.mgt.WebSecurityManager;
> import org.apache.tapestry5.ioc.Configuration;
> import org.apache.tapestry5.ioc.MappedConfiguration;
> import org.apache.tapestry5.ioc.annotations.Contribute;
> import org.tynamo.security.SecuritySymbols;
> import org.tynamo.security.services.SecurityFilterChainFactory;
> import org.tynamo.security.services.impl.SecurityFilterChain;
>
> import fhv.at.year2014.sem4.teamc.busmaster.hibernate.HibernateUtil;
> import
>
> fhv.at.year2014.sem4.teamc.busmaster.security.shiro.auth.BusmasterCustomRealm;
>
> public class AppModule {
>
>     @Contribute( WebSecurityManager.class )
>     public static void addRealms( Configuration<Realm> configuration ) {
>         BusmasterCustomRealm realm = new BusmasterCustomRealm();
>         configuration.add(realm);
>     }
>
>     public static void contributeSecurityConfiguration(
> Configuration<SecurityFilterChain> configuration,
>             SecurityFilterChainFactory factory ) {
>         // /authc/** rule covers /authc , /authc?q=name /authc#anchor
> urls as well
>         configuration.add(factory.createChain( "/authc/**" ).add(
> factory.authc()).build() );
>     }
>
>     public static void contributeApplicationDefaults(
> MappedConfiguration<String, String> configuration )
>     {
>         // Tynamo's tapestry-security module configuration
>         configuration.add( SecuritySymbols.LOGIN_URL, "/Login" );
>         configuration.add( SecuritySymbols.SUCCESS_URL, "/Dashboard" );
>
>         //I don't know if this is a good idea
>         HibernateUtil.getSessionFactory().getCurrentSession();
>     }
> }
>
> So, can anybody help me?
> My greatest problem is how can configure the sha512CredentialsMatcher in
> the AppModule.java?
>
> Regards
>     Jeremias
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>