>>>>> lenny-5o6p1tln9c5dpfhejli...@public.gmane.org: > Hi Mihir, > You are correct, Pax-Shiro is no longer maintained. > Shiro 2.0 has all the features that used to be in Pax-Shiro (and many, many > more) > Please see https://shiro.apache.org/jakarta-ee.html
> You can probably remove most if not all related configuration because it’s no > longer necessary in Shiro 2.0 FWIW I am a user of shiro in OSGi (in apache karaf) and plain shiro 2.0.2 works fine in OSGi. Use OSGi Service Component Runtime (SCR)/Declarative Services (DS) as the OSGi, and create SCR/DS components that expose Realm and SessionDAO as OSGi services https://github.com/steinarb/authservice/blob/master/authservice/authservice.web.security.dbrealm/src/main/java/no/priv/bang/authservice/web/security/dbrealm/AuthserviceDbRealm.java#L23 https://github.com/steinarb/authservice/blob/master/authservice/authservice.web.security.memorysession/src/main/java/no/priv/bang/authservice/web/security/memorysession/MemorySession.java#L23 And then I start a component that create a ServiceContextHelper that connects to the OSGi web whiteboard, to get a web context to connect servlets and filters to https://github.com/steinarb/authservice/blob/master/authservice/authservice.web.security/src/main/java/no/priv/bang/authservice/web/security/AuthserviceServletContextHelper.java#L22 And create a ShiroFilter that creates a avax.servlet.Filter OSGi service that connects to the web context from the previous URL in the OSGi web whiteboard and reads the apps shiro.ini and do the rest of config with code: https://github.com/steinarb/authservice/blob/master/authservice/authservice.web.security/src/main/java/no/priv/bang/authservice/web/security/AuthserviceShiroFilter.java#L41
