Re: Missing shiro config in web.xml

Tue, 24 Jan 2012 17:15:26 -0800 

Les,
Your help has been great and I have a working form based authentication calling against my custom AuthorizingRealm now using the following inline web.xml config: 

<filter>
<filter-name>Shiro</filter-name>
<filter-class>
            org.apache.shiro.web.servlet.IniShiroFilter
</filter-class>
<init-param>
<param-name>config</param-name>
<param-value>
        [main]
        lookedUpRealm = com.my.security.libs.NullRealm
        authc.loginUrl = /login.jsp
        securityManager.realms = $lookedUpRealm

        [urls]
           /reports/** = authc
           /login.jsp = authc
</param-value>
</init-param>
</filter>



I run my embedded server and debug and sure enough my realm is called 
when I submit user/pass from the form, so thank you very much!!



I do have one problem regarding using a factory.  The above NullRealm is 
a simple dummy authorizing realm implementation which can be 
instantiated using default constructor simply for testing purposes, but  
I really want to use Factory implementation method you spoke of earlier.



I implemented the following basic class which getInstance() returns a 
newly constructed NullRealm just as I was using above:



public class WebRealmFactory implements Factory<NullRealm> {

  /** {@inheritDoc} */
  @Override
  public NullRealm getInstance() {
    // TODO Auto-generated method stub
    return new NullRealm();
  }

}

I chanced my web.xml to be as so:

<filter>
<filter-name>Shiro</filter-name>
<filter-class>
            org.apache.shiro.web.servlet.IniShiroFilter
</filter-class>
<init-param>
<param-name>config</param-name>
<param-value>
        [main]
        lookedUpRealm = com.my.security.libs.WebRealmFactory
        authc.loginUrl = /login.jsp
        securityManager.realms = $lookedUpRealm

        [urls]
           /reports/** = authc
           /login.jsp = authc
</param-value>
</init-param>
</filter>



<filter-mapping>
<filter-name>Shiro</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>



so my factory class returns a NullRealm from getInstance(), but when 
debugging my NullRealm authorization code is never called and I do not 
understand why.  I am missing an additional inline config or web.xml 
element?


Thanks
Chris


On 1/23/2012 2:37 PM, Les Hazlewood wrote:

The Filter approach is easier, so I'd go with that barring any

Sorry, I meant the _Factory_ approach is easier...

Les
























					Reply via email to