Thanks for jumping in Armando. My web.xml look like the following, followed by my realm. The login page is the same that shipped with the example. I am running it under glassfish 3, compliant with the j2ee 6 spec. The realm does get invoked but then it doesn't load the resource under /account/* but just redisplays the same login page.
<?xml version="1.0" encoding="UTF-8"?> <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"; xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation=" http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd";> <context-param> <param-name>javax.faces.PROJECT_STAGE</param-name> <param-value>Development</param-value> </context-param> <filter> <filter-name>ShiroFilter</filter-name> <filter-class>org.apache.shiro.web.servlet.IniShiroFilter</filter-class> <init-param> <param-name>config</param-name> <param-value> [main] matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher mmer = prototype.security.shiro.realm.TreeRealm mmer.credentialsMatcher = $matcher [users] [roles] [filters] shiro.loginUrl = /login.xhtml shiro.successUrl = /home.xhtml [urls] # The /login.xhtml is not restricted to authenticated users (otherwise no one could log in!), but # the 'authc' filter must still be specified for it so it can process that url's # login submissions. It is 'smart' enough to allow those requests through as specified by the # shiro.loginUrl above. /login.xhtml = authc /account/** = authc, roles[admin] /remoting/** = authc, roles[b2bClient], perms["remote:invoke:lan,wan"] </param-value> </init-param> </filter> <filter-mapping> <filter-name>ShiroFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter> <filter-name>Pretty Filter</filter-name> <filter-class>com.ocpsoft.pretty.PrettyFilter</filter-class> </filter> <filter-mapping> <filter-name>Pretty Filter</filter-name> <url-pattern>/u/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> <dispatcher>ERROR</dispatcher> </filter-mapping> <servlet> <servlet-name>Resource Servlet</servlet-name> <servlet-class>org.primefaces.resource.ResourceServlet</servlet-class> </servlet> <servlet> <servlet-name>Faces Servlet</servlet-name> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>/u/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>Resource Servlet</servlet-name> <url-pattern>/primefaces_resource/*</url-pattern> </servlet-mapping> <persistence-context-ref> <persistence-context-ref-name>persistence/LogicalName</persistence-context-ref-name> <persistence-unit-name>opensocial</persistence-unit-name> </persistence-context-ref> <resource-ref> <res-ref-name>UserTransaction</res-ref-name> <res-type>javax.transaction.UserTransaction</res-type> <res-auth>Container</res-auth> </resource-ref> <session-config> <session-timeout> 30 </session-timeout> </session-config> <welcome-file-list> <welcome-file>index.xhtml</welcome-file> </welcome-file-list> </web-app> <<----------------- TreeRealm.java -------------------->> package prototype.security.shiro.realm; import java.util.logging.Level; import java.util.logging.Logger; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAccount; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.authc.credential.Sha256CredentialsMatcher; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; /** * * @author Suhail */ public class TreeRealm extends AuthorizingRealm { private static final Logger LOG = Logger.getLogger(TreeRealm.class.getName()); public TreeRealm(){ setCredentialsMatcher(new Sha256CredentialsMatcher()); setCachingEnabled(false); LOG.log(Level.INFO, "{0} Started", TreeRealm.class.getName()); } @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection pc) { throw new UnsupportedOperationException("Not supported yet."); } @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken at) throws AuthenticationException { UsernamePasswordToken upToken = (UsernamePasswordToken) at; SimpleAccount account = new SimpleAccount(upToken.getUsername(), upToken.getPassword(), getName()); account.addRole("admin"); account.addRole("user"); account.addStringPermission("/account/*:*"); return account; } } Thanks for your help again. Cheers su./hail On Sun, Aug 1, 2010 at 9:10 AM, armandoxxx <[email protected]> wrote: > Some code would be nice ! > > Kind regards > > Armando > > On Sun, Aug 1, 2010 at 4:05 AM, Suhail Manzoor [via Shiro User] <[hidden > email] <http://user/SendEmail.jtp?type=node&node=5360507&i=0>> wrote: > >> Hi, >> >> I have been looking into Shiro to evaluate if it as a candidate for a >> project I am working on. I need to develop a realm which I did from the >> examples. I also need to integrate it with a JSF based application. I did >> the two things along with a login page. I have followed the Shiro web >> example to the letter except for using JSF instead of just jsp. But there >> seems to be a problem. After authenticating, the app doesn't display the >> protected page but keep displaying the login page. I have been trying to >> figure out whats been happening for a couple of days but no avail. Could >> anyone please help me. I really like the clean API shiro has and would like >> to use it going forward. >> >> Thank you very much >> su./hail >> >> >> ------------------------------ >> View message @ >> http://shiro-user.582556.n2.nabble.com/Newbie-stuck-with-his-own-realm-please-help-tp5359975p5359975.html<http://shiro-user.582556.n2.nabble.com/Newbie-stuck-with-his-own-realm-please-help-tp5359975p5359975.html?by-user=t> >> To start a new topic under Shiro User, email [hidden >> email]<http://user/SendEmail.jtp?type=node&node=5360507&i=1> >> To unsubscribe from Shiro User, click here. >> >> > > ------------------------------ > View this message in context: Re: Newbie stuck with his own realm please > help<http://shiro-user.582556.n2.nabble.com/Newbie-stuck-with-his-own-realm-please-help-tp5359975p5360507.html> > Sent from the Shiro User mailing list > archive<http://shiro-user.582556.n2.nabble.com/>at Nabble.com. >
