Hi, afaik the webconsole registers a filter on "/", therefore it will match any other path registered on "/". At this point it might be better to use WAB's as those have another HttpContext.
regards, Achim 2016-11-11 19:25 GMT+01:00 Pratt, Jason <jason.pr...@windriver.com>: > I ran into the same issue and eventually gave up using Shiro > > > > *From:* bengt.rode...@gmail.com [mailto:bengt.rode...@gmail.com] *On > Behalf Of *Bengt Rodehav > *Sent:* Sunday, November 06, 2016 11:57 PM > *To:* user@karaf.apache.org > *Subject:* Re: Apache Shiro in Karaf > > > > It seems like the webconsole is what causes me problems. If I install the > "webconsole" feature, then I'm prompted for basic authentiction when I use > the anonymous filter in Shiro. If I do not install the "webconsole" > feature, then this doesn't happen. It seems like the webconsole installs > some filter that will kick in when I use anonymous filter. > > > > Anyone has an idea about this? > > > > I guess as a workaround I'll have to skip the webconsole. Normally I would > like it installed though since it is very useful. > > > > /Bengt > > > > 2016-11-07 8:40 GMT+01:00 Bengt Rodehav <be...@rodehav.com>: > > Thanks for your reply Steinar, > > > > I think the difference is that you don't use the anonymous filter (keyword > "anon" in shiro.ini). I need to use that on a couple of pages that need to > be accessible by anyone without having to login. > > > > What happens if you try using "anon"? Will Karaf require basic > authentication? > > > > Note also that I have the Karaf web console installed. I think it might > interfere with this. > > > > /Bengt > > > > 2016-11-04 17:27 GMT+01:00 Steinar Bang <s...@dod.no>: > > >>>>> Bengt Rodehav <be...@rodehav.com>: > > > It seems that if I comment away the following line in > etc/system.properties > > then the basic authentication goes away: > > > *karaf.local.roles = admin,manager,viewer,systembundles* > > > Not sure how this works. Would appreciate if someone could explain. > > Except for the fact that one of my karaf installations is failing > mysteriously I have successfully used shiro basic authentication in > karaf. > > The changes were: > 1. Added the ShiroFilter to the web.xml of my webapp > https://github.com/steinarb/ukelonn/blob/using-primefaces/ > ukelonn.bundle/src/main/webapp/WEB-INF/web.xml > 2. Added a shiro.ini file to the webapp > https://github.com/steinarb/ukelonn/blob/using-primefaces/ > ukelonn.bundle/src/main/webapp/WEB-INF/shiro.ini > 3. Added a custom realm (maybe I can replace this by the JDBC realm...? > But I was trying out stuff and learning as I created it) > https://github.com/steinarb/ukelonn/blob/using-primefaces/ > ukelonn.bundle/src/main/java/no/priv/bang/ukelonn/impl/UkelonnRealm.java > 4. Added a redirection in the main JSF page redirecting the admins to a > different page (that's the preRenderView <f:event> tag) > https://github.com/steinarb/ukelonn/blob/using-primefaces/ > ukelonn.bundle/src/main/webapp/ukelonn.xhtml > 5. Added a redirect method to the bean serving the main JSF page > https://github.com/steinarb/ukelonn/blob/using-primefaces/ > ukelonn.bundle/src/main/java/no/priv/bang/ukelonn/impl/ > UkelonnController.java > 6. Pulled in shiro-core and shiro-web as runtime dependencies > https://github.com/steinarb/ukelonn/blob/using-primefaces/ > ukelonn.karaf/ukelonn/pom.xml > > And that was it, basically. > > I basically just followed the directions I found here, and adapted them > to a pax-web setting: > http://balusc.omnifaces.org/2013/01/apache-shiro-is-it- > ready-for-java-ee-6.html > > > > > -- Apache Member Apache Karaf <http://karaf.apache.org/> Committer & PMC OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/> Committer & Project Lead blog <http://notizblog.nierbeck.de/> Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS> Software Architect / Project Manager / Scrum Master