I'm trying to use shiro 1.4.1-SNAPSHOT built from git master, in place of shiro 1.3.1.
My current attempt fails with the stack trace below, and I'm wondering what I'm doing wrong? The code I'm replacing (which works) and my replacement code (which fails) follow after the stack trace.

I'm using OSGi declarative services (DS)[1] components that provide servlets and filters that plug into the web whiteboard[2] running inside an apache karaf[3] OSGi container.

Authentication fails with the following stack trace:

    2018-11-22T07:59:06,609 | WARN | qtp1835564892-153 | ServletHandler | 113 - org.eclipse.jetty.util - 9.3.21.v20170918 | javax.servlet.ServletException: org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration.
        at org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:432) [131:org.glassfish.jersey.containers.jersey-container-servlet-core:2.27.0]
        at org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:370) [131:org.glassfish.jersey.containers.jersey-container-servlet-core:2.27.0]
        at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:389) [131:org.glassfish.jersey.containers.jersey-container-servlet-core:2.27.0]
        at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:342) [131:org.glassfish.jersey.containers.jersey-container-servlet-core:2.27.0]
        at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:229) [131:org.glassfish.jersey.containers.jersey-container-servlet-core:2.27.0]
        at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:840) [111:org.eclipse.jetty.servlet:9.3.21.v20170918]
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1772) [111:org.eclipse.jetty.servlet:9.3.21.v20170918]
        at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:205) [121:org.eclipse.jetty.websocket.server:9.3.21.v20170918]
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1759) [111:org.eclipse.jetty.servlet:9.3.21.v20170918]
        at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582) [111:org.eclipse.jetty.servlet:9.3.21.v20170918]
        at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:71) [143:org.ops4j.pax.web.pax-web-jetty:6.0.9]
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [110:org.eclipse.jetty.server:9.3.21.v20170918]
        at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) [108:org.eclipse.jetty.security:9.3.21.v20170918]
        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226) [110:org.eclipse.jetty.server:9.3.21.v20170918]
        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) [110:org.eclipse.jetty.server:9.3.21.v20170918]
        at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:284) [143:org.ops4j.pax.web.pax-web-jetty:6.0.9]
        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512) [111:org.eclipse.jetty.servlet:9.3.21.v20170918]
        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) [110:org.eclipse.jetty.server:9.3.21.v20170918]
        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) [110:org.eclipse.jetty.server:9.3.21.v20170918]
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [110:org.eclipse.jetty.server:9.3.21.v20170918]
        at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80) [143:org.ops4j.pax.web.pax-web-jetty:6.0.9]
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134) [110:org.eclipse.jetty.server:9.3.21.v20170918]
        at org.eclipse.jetty.server.Server.handle(Server.java:534) [110:org.eclipse.jetty.server:9.3.21.v20170918]
        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:333) [110:org.eclipse.jetty.server:9.3.21.v20170918]
        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) [110:org.eclipse.jetty.server:9.3.21.v20170918]
        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283) [102:org.eclipse.jetty.io:9.3.21.v20170918]
        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108) [102:org.eclipse.jetty.io:9.3.21.v20170918]
        at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93) [102:org.eclipse.jetty.io:9.3.21.v20170918]
        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303) [113:org.eclipse.jetty.util:9.3.21.v20170918]
        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148) [113:org.eclipse.jetty.util:9.3.21.v20170918]
        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136) [113:org.eclipse.jetty.util:9.3.21.v20170918]
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671) [113:org.eclipse.jetty.util:9.3.21.v20170918]
        at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589) [113:org.eclipse.jetty.util:9.3.21.v20170918]
        at java.lang.Thread.run(Thread.java:748) [?:?]
    Caused by: org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration.
        at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123) ~[88:org.apache.shiro.core:1.4.1.SNAPSHOT]
        at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:626) ~[88:org.apache.shiro.core:1.4.1.SNAPSHOT]
        at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56) ~[?:?]
        at no.priv.bang.ukelonn.api.resources.Login.doLogin(Login.java:54) ~[?:?]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:?]
        at org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory.lambda$static$0(ResourceMethodInvocationHandlerFactory.java:76) ~[?:?]
        at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:148) ~[?:?]
        at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:191) ~[?:?]
        at org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$TypeOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:243) ~[?:?]
        at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:103) ~[?:?]
        at org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:493) ~[?:?]
        at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:415) ~[?:?]
        at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:104) ~[?:?]
        at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:277) ~[?:?]
        at org.glassfish.jersey.internal.Errors$1.call(Errors.java:272) ~[?:?]
        at org.glassfish.jersey.internal.Errors$1.call(Errors.java:268) ~[?:?]
        at org.glassfish.jersey.internal.Errors.process(Errors.java:316) ~[?:?]
        at org.glassfish.jersey.internal.Errors.process(Errors.java:298) ~[?:?]
        at org.glassfish.jersey.internal.Errors.process(Errors.java:268) ~[?:?]
        at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:289) ~[?:?]
        at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:256) ~[?:?]
        at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:703) ~[?:?]
        at org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:416) ~[?:?]
        ... 33 more

The code I'm replacing (from [4]) is on the ShiroFilter instance:

    @Activate
    public void activate() {
        // Build the security manager from shiro.ini and set it on the filter
        WebIniSecurityManagerFactory securityManagerFactory = new WebIniSecurityManagerFactory(INI_FILE);
        DefaultWebSecurityManager securityManager = (DefaultWebSecurityManager) securityManagerFactory.createInstance();
        setSecurityManager(securityManager);
        // The realm is created in Java code rather than from shiro.ini
        UkelonnRealm realm = createRealmProgramaticallyBecauseOfShiroIniClassCastException();
        securityManager.setRealm(realm);
        // Build the filter chain resolver from the same INI, reusing the factory's beans
        IniFilterChainResolverFactory filterChainResolverFactory = new IniFilterChainResolverFactory(INI_FILE, securityManagerFactory.getBeans());
        FilterChainResolver resolver = filterChainResolverFactory.createInstance();
        setFilterChainResolver(resolver);
    }

(INI_FILE is loaded in a static initializer that loads the shiro.ini file from the classpath in an OSGi context, it's a bit further up in the file linked to in [4]. The exact same code is used in the new version)

The servlet context is provided by a ServletContextHelper DS component and the Declarative Services annotations on the ShiroFilter DS component (class annotations further up in [4]).
The code I'm replacing this with, and that fails because the ServiceManager is missing, is:

    @Activate
    public void activate() {
        // Let IniWebEnvironment build the security manager and filter chain resolver from shiro.ini
        IniWebEnvironment webenvironment = new IniWebEnvironment();
        webenvironment.setIni(INI_FILE);
        webenvironment.setServletContext(getServletContext());
        webenvironment.init();
        DefaultWebSecurityManager securityManager = (DefaultWebSecurityManager) webenvironment.getSecurityManager();
        // The realm is created in Java code rather than from shiro.ini
        UkelonnRealm realm = createRealmProgramaticallyBecauseOfShiroIniClassCastException();
        securityManager.setRealm(realm);
        // Set both on the filter
        setSecurityManager(securityManager);
        setFilterChainResolver(webenvironment.getFilterChainResolver());
    }

I'm setting the security manager and the filter chain resolver on the filter. I haven't debugged into the method yet, to see if these actually get a value, or if they are just null. I will do that next.

Anyway: the code compiles, and is working in the unit tests that were created to handle the old code (I can't remember offhand what I did, but they are in the same project as [4]). And the code doesn't fail when loaded into apache karaf, neither in the integration test that is part of the build or when loading the feature containing the DS component from the karaf command line.

Thanks!

- Steinar

References:
[1] <http://blog.vogella.com/2016/06/21/getting-started-with-osgi-declarative-services/>
[2] <http://ops4j.github.io/pax/web/SNAPSHOT/User-Guide.html#whiteboard-extender>
[3] <https://karaf.apache.org>
[4] <https://github.com/steinarb/ukelonn/blob/master/ukelonn.web.security/src/main/java/no/priv/bang/ukelonn/web/security/UkelonnShiroFilter.java#L59>
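
Added example, not part of the original post and not code from the ukelonn or Shiro projects: the exception in the trace above is raised from SecurityUtils.getSecurityManager(), which looks in ThreadContext first and then at the static singleton. The program below shows when that lookup succeeds and when it fails on a single thread; the class name and the sample account are constructed, and shiro-core 1.x on the classpath is assumed.

```java
import java.util.concurrent.Callable;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.UnavailableSecurityManagerException;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.SimpleAccountRealm;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ThreadContext;

// Added illustration: class name and account are constructed sample values.
public class SecurityManagerLookupDemo {

    // True when SecurityUtils.getSubject() can resolve a Subject on the
    // calling thread, false when it throws the exception seen in the trace.
    static boolean subjectAvailable() {
        try {
            SecurityUtils.getSubject();
            return true;
        } catch (UnavailableSecurityManagerException e) {
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        SimpleAccountRealm realm = new SimpleAccountRealm();
        realm.addAccount("demo-user", "demo-password"); // constructed sample account
        DefaultSecurityManager securityManager = new DefaultSecurityManager(realm);

        // 1. Nothing is bound to this thread and SecurityUtils.setSecurityManager()
        //    was never called, so Subject.Builder's no-arg constructor finds nothing.
        ThreadContext.remove();
        System.out.println("before binding:   " + subjectAvailable());

        // 2. Subject.execute() binds the Subject and its SecurityManager to the
        //    thread for the duration of the call. AbstractShiroFilter wraps the
        //    filter chain the same way, so code that runs inside the chain of a
        //    Shiro filter sees a bound Subject.
        Subject subject = new Subject.Builder(securityManager).buildSubject();
        boolean inside = subject.execute(
                (Callable<Boolean>) SecurityManagerLookupDemo::subjectAvailable);
        System.out.println("inside execute(): " + inside);

        // 3. On return the previous (empty) thread state is restored, so code
        //    that runs outside the wrapped call is back in the state of step 1.
        System.out.println("after execute():  " + subjectAvailable());
    }
}
```

Having the security manager set on the filter object is a separate condition from having it bound to the request thread: SecurityUtils.getSubject() only consults the thread binding and the static singleton.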