>>>>> Александр <pro...@gmail.com>:
> Thats right.
> My solution is to build shiro infrastructure (securitymanager, realms,
> filterchainresolver) by myself as a beans in blueprint, because I can
> inject to them other services (like Datasource, or EntityManager). I do not
> use ini file, and actually I do not use shiro in standard servlet
> container, because there is Spring for it :)
> But if you use shiro before, and have ini file, you can create
> SecurityManager by IniSecurityManagerFactory
> <https://shiro.apache.org/static/1.3.2/apidocs/src-html/org/apache/shiro/config/IniSecurityManagerFactory.html#line.46>
> and
> FilterChainResolver by IniFilterChainResolverFactory
> <https://shiro.apache.org/static/1.3.2/apidocs/src-html/org/apache/shiro/web/config/IniFilterChainResolverFactory.html#line.43>
> and
> set them to your filter. All of this is better to do in activate() method
> of your filter.
> And dont forget to install shiro bundles (shiro-core, shiro-web...)
Thanks! I'm part of the way there. I needed the
WebIniSecurityManagerFactory class instead, because AbstractShiroFilter
needs WebSecurityManager.
However I ran into a problem in that WebIniSecurityManagerFactory
doesn't like my custom realm. I get the following error message in
karaf.log of the pax exam test:
2018-03-24T18:40:56,944 | ERROR | features-1-thread-1 | ukelonn
| 21 - no.priv.bang.ukelonn - 1.0.0.SNAPSHOT |
[no.priv.bang.ukelonn.impl.UkelonnShiroFilter(4)] The activate method has
thrown an exception
org.apache.shiro.config.ConfigurationException: Unable to set property 'realms'
with value [[no.priv.bang.ukelonn.impl.UkelonnRealm@7eb8a95d]] on object of
type org.apache.shiro.web.mgt.DefaultWebSecurityManager. If
'[no.priv.bang.ukelonn.impl.UkelonnRealm@7eb8a95d]' is a reference to another
(previously defined) object, prefix it with '$' to indicate that the referenced
object should be used as the actual value. For example,
$[no.priv.bang.ukelonn.impl.UkelonnRealm@7eb8a95d]
[snip!]
Caused by: java.lang.ClassCastException:
no.priv.bang.ukelonn.impl.UkelonnRealm cannot be cast to
org.apache.shiro.realm.Realm
Could this be OSGi class loader issue...?
The shiro.ini file looks like this:
[main]
authc.loginUrl = /
user.loginUrl = /
credentialsMatcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
# base64 encoding, not hex in this example:
credentialsMatcher.storedCredentialsHexEncoded = false
credentialsMatcher.hashIterations = 1024
ukelonnRealm = no.priv.bang.ukelonn.impl.UkelonnRealm
ukelonnRealm.credentialsMatcher = $credentialsMatcher
securityManager.realms = $ukelonnRealm
[users]
[urls]
/ = authc
/* = user
The realm definition is:
public class UkelonnRealm extends AuthorizingRealm
Following the inheritance:
AuthorizingRealm extends AuthenticatingRealm
AuthenticatingRealm extends CachingRealm implements Initializable
CachingRealm implements Realm, Nameable, CacheManagerAware, LogoutAware
The Realm interface in the last line is org.apache.shiro.realm.Realm.
I have checked the Import-Package of the manifest.mf in my application's
bundle, and as far as I can tell, it imports the org.apache.shiro.realm
package:
Import-Package: no.priv.bang.ukelonn,javax.servlet.http;version="[2.6.0,
4.0.0)",com.vaadin.server;version="[7.6,8)",com.vaadin.addon.touchkit.s
erver,com.vaadin.addon.touchkit.ui,com.vaadin.annotations;version="[7.6
,8)",com.vaadin.data;version="[7.6,8)",com.vaadin.data.util;version="[7
.6,8)",com.vaadin.data.util.converter;version="[7.6,8)",com.vaadin.data
.validator;version="[7.6,8)",com.vaadin.navigator;version="[7.6,8)",com
.vaadin.ui;version="[7.6,8)",javax.servlet;version="[3.1,4)",org.apache
.karaf.shell.api.action;version="[4.1,5)",org.apache.karaf.shell.api.ac
tion.lifecycle;version="[4.1,5)",org.apache.shiro;version="[1.3,2)",org
.apache.shiro.authc;version="[1.3,2)",org.apache.shiro.authz;version="[
1.3,2)",org.apache.shiro.config;version="[1.3,2)",org.apache.shiro.cryp
to;version="[1.3,2)",org.apache.shiro.crypto.hash;version="[1.3,2)",org
.apache.shiro.realm;version="[1.3,2)",org.apache.shiro.subject;version=
"[1.3,2)",org.apache.shiro.util;version="[1.3,2)",org.apache.shiro.web.
config;version="[1.3,2)",org.apache.shiro.web.filter.mgt;version="[1.3,
2)",org.apache.shiro.web.mgt;version="[1.3,2)",org.apache.shiro.web.ser
vlet;version="[1.3,2)",org.osgi.service.log;version="[1.3,2)",com.vaadi
n.addon.touchkit.gwt.client,VAADIN.widgetsets.com.vaadin.addon.touchkit
.gwt.TouchKitWidgetSet,com.vaadin.addon.touchkit.gwt.client.theme,com.v
aadin.addon.touchkit.gwt.client.vcom.popover,assets,com.vaadin.addon.to
uchkit.settings,com.vaadin.addon.touchkit.gwt.client.ui,com.vaadin.addo
n.touchkit.gwt,com.vaadin.addon.touchkit.gwt.client.vcom,com.vaadin.add
on.touchkit.annotations,com.vaadin.addon.touchkit.gwt.client.communicat
ion,com.vaadin.addon.touchkit.gwt.client.theme.fonts,com.vaadin.addon.t
ouchkit.gwt.client.vcom.navigation,VAADIN.widgetsets;version="[7.6,8)",
com.vaadin.addon.touchkit.extensions,com.vaadin.shared;version="[7.6,8)
",VAADIN.widgetsets.com.vaadin.addon.touchkit.gwt.TouchKitWidgetSet.def
erredjs.0A32B241463C3CF770B8CD52599C1C21,com.vaadin.addon.touchkit.gwt.
client.offlinemode,com.vaadin.addon.touchkit.service,com.vaadin.addon.t
ouchkit.gwt.client.theme.img,VAADIN.themes
All hints, guesses and ideas are appreciated!
Thanks!
--
--
------------------
OPS4J - http://www.ops4j.org - ops4j@googlegroups.com
---
You received this message because you are subscribed to the Google Groups
"OPS4J" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ops4j+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
