You can definitely use the programmatic approach - that is the most straightforward approach, but requires you to code. The Annotations enabled by AOP are merely there as a convenience so you don't have to code security checks.
But for authentication, you'll probably need to use the programmatic API directly, e.g. SecurityUtils.getSubject().login(new UsernamePasswordToken(username, password)); We currently don't have a sample application that uses raw RMI APIs to talk to a remote security manager, but it wouldn't be too hard to set up. Please add a Jira issue (https://issues.apache.org/jira/browse/SHIRO) to allow us to add that. In the meantime you can acquire the remote SecurityManager via a RMI lookup and call SecurityUtils.setSecurityManager(remoteSecurityManager). That should be enough to get you going, but note that that call should only ever be called if you want a SecurityManager to be used for the entire JVM (See the JavaDoc on that method for more). Cheers, Les On Fri, Jul 3, 2009 at 12:34 PM, abxide <[email protected]> wrote: > > Thanks for your quickly answer, > i'm using a raw RMI structure, when you talk about annotations do you mean > at apache ki system requirements or for example at the possibility to use > annotations for authorization? > In the second case, i think i can avoid the use of AOP simply using the > programmatically approach. > In the first case, if there aren't alternative solutions, i think using an > aspect-j solution could be a good compromise. > > > > Les Hazlewood-2 wrote: > > > > Hi Abxide, > > > > What are you using for RMI? Is it just raw RMI or are you using a > > framework > > to simplify the remoting infrastructure? > > > > Also, our current out-of-the-box support for a security annotations > relies > > on AOPAlliance constructs, which often implies a Spring environment. Of > > course Shiro can work in any environment, but we'd need some sort of AOP > > framework to support annotations if we won't use Spring's AOPAlliance > > advice. What are you currently using, and if not using anything, would > > you > > be ok with using an AspectJ-based solution for annotations? > > > > - Les > > > > On Fri, Jul 3, 2009 at 10:27 AM, abxide <[email protected]> wrote: > > > >> > >> I'm trying to use apache ki for authorization and authentication for my > >> non > >> web application based on RMI and hibernate and delcarative permisisions. > >> I'm > >> new to this, i gave a look to the samples, but i'm looking for something > >> that doesn't use spring, would be nice receive some hints about it. > >> > >> -- > >> View this message in context: > >> > http://n2.nabble.com/Help-needed-with-Apache-ki-%2B-rmi-%2B-hibernate-tp3201589p3201589.html > >> Sent from the Shiro User mailing list archive at Nabble.com. > >> > >> > > > > > > -- > View this message in context: > http://n2.nabble.com/Help-needed-with-Apache-ki-%2B-rmi-%2B-hibernate-tp3201589p3202271.html > Sent from the Shiro User mailing list archive at Nabble.com. > >
