Re: Realm can not be managed by CDI

Thu, 26 Apr 2012 08:41:31 -0700 

Shiro 1.2 introduced a mechanism to allow this to be configurable for any
web application configuration mechanism you desire:

The EnvironmentLoaderListener is a Servlet Context Listener that will
initialize Shiro's environment (in the form of a WebEnvironment instance)
at application startup.  The WebEnvironment instance created at startup is
placed in the Servlet Context so the ShiroFilter can reference it when
filtering requests (or so you can reference it for your own needs).

By default, the WebEnvironment created at startup is an IniWebEnvironment,
which assumes shiro.ini configuration.  However, if you have another
configuration mechanism, e.g. JEE CDI, you could create your own
WebEnvironment implementation, e.g. JeeCdiWebEnvironment that knows how to
interact with the JEE CDI infrastructure and set up Shiro that way.

The custom WebEnvironment technique is covered here:
http://shiro.apache.org/web.html#Web-Custom%257B%257BWebEnvironment%257D%257DClass

Thibault, forgive me if this technique is used in the SHIRO-337 patch - I
haven't looked at it in-depth yet.  I'm checking it out right now...

HTH,

--
Les Hazlewood
CTO, Stormpath | http://stormpath.com <http://www.stormpath.com/> |
888.391.5282
twitter: @lhazlewood | http://twitter.com/lhazlewood
blog: http://leshazlewood.com
stormpath blog:
http://www.stormpath.com/blog<http://www.stormpath.com/blog/index>


On Thu, Apr 26, 2012 at 7:26 AM, Lars Fischer <[email protected]>wrote:

> Hello,
>
> I'm sorry, I don't see, how this patch belongs to my problem.
>
>
> I changed my CDI configuration to use my own producer method for my
> realm and set this realm into a SecurityManager.
> But when I try to run
>
> subject.login(token);
>
> then the securityManager has no realm set. Looks like there are two
> different instances of SecurityManagers. One created by me and one
> created by the EnvironmentLoaderListener?
>
> Is it possible to add a realm lately to a SecurityManager? How can
> this be done. The SecurityManager interface has no such method. Can I
> cast it?
>
> Regards,
> Lars
>

Reply via email to