Hallo,
I've a "simple" Web-Application using JSF and Hibernate/JPA.
Now I want to include Shiro in it, but I'm not able to do that, I tryed now
for 1 week (not 10 minutes ;-)
..so maby I'm to stupid...
ok whatever I miss some HowTo's or better documentations for Shiro.
so I hope U can help me.
ok what I have:
import dbConnection.Connector;
import javax.faces.context.FacesContext;
import javax.servlet.http.HttpSession;
import model.Author;
public class SessionHandler {
private String name;
private String passwd;
private Connector con=new Connector();
private Author sessionAuthor;
//JSF-Instanz wird benannt
private FacesContext context = FacesContext.getCurrentInstance();
//Session wird der Instanz zugeordnet bzw. neu erstellt wenn sie noch
nicht existiert
private HttpSession session = (HttpSession)
context.getExternalContext().getSession(true);
public SessionHandler(){
}
public void login(){
Author author = getCon().ckLogin(name, passwd);
if (author != null){
this.getSession().setAttribute("author", author);
sessionAuthor = (Author)
this.getSession().getAttribute("author");
//session
getName().equals("hans")&&getPasswd().equals("geheim")
}
}
public void logout(){
//kill session (same as timeout)
// context = FacesContext.getCurrentInstance();
// session = (HttpSession)
context.getExternalContext().getSession(false);
// session.invalidate();
//second possibility: clean session
this.getSession().removeAttribute("author");
}
public boolean isIsLogedIn(){
if(this.getSession().getAttribute("author")!=null) return true;
else
return false;
}
this is my SessionHandler + getter and setter
ok now I tried to use shiro for that:
public class SecurityHandler {
private String name;
private String passwd;
JdbcRealm realm=new JdbcRealm();
SecurityManager securityManager = new DefaultWebSecurityManager(realm);
Subject currentUser = SecurityUtils.getSubject();
//constructor
public void login(){
SecurityUtils.setSecurityManager(securityManager);
if (!currentUser.isAuthenticated()) {
UsernamePasswordToken token = new UsernamePasswordToken(name,
passwd);
token.setRememberMe(false);
currentUser.login(token);
//where to do this????
realm.setAuthenticationQuery("Author.findByNick");
}
}
}
...mhh I think my biggest problem is, how to get datas from database (which
realms or SecurityManager or Authentificator I have to use ?????????????)
there are so many ways to get this (I only uses the API and for me its a
jungle of possibilitys, but whats THE Way?? )
I also whant to use this: @RequiresRoles and something like this:
<jsec:user/> or <jsec:hasRole/>
ok Im not so good in programming Java - still Student and maybe my english
is not so good to understand - I give u all Informations u need
When my project successfully finished I whrite a litle How to for using
shiro in a web application.
--
View this message in context:
http://n2.nabble.com/WebApp-with-JSF-Hibernate-JPA-need-some-help-tp4234135p4234135.html
Sent from the Shiro User mailing list archive at Nabble.com.
