Yes, it's a bean, but this doesn't really exercise holding session between
requests.
If you do authentication on each remote request, of course it will work.
They key is to login in once and then use the session on subsequent requests
and hold that authentication session for an extended period of time.
On May 27, 2014, at 3:02 PM, P82 wrote:
> So one more time. I have JavaEE server (GF4) 192.168.1.2 and I have OSGI
> client 192.168.1.3. On server side I have the BEAN:
>
> import javax.annotation.Resource;
> import javax.ejb.Remote;
> import javax.ejb.SessionContext;
> import javax.ejb.Stateless;
> import org.apache.shiro.subject.Subject;
> import org.apache.shiro.SecurityUtils;
> import org.apache.shiro.SecurityUtils;
> import org.apache.shiro.authc.*;
> import org.apache.shiro.config.IniSecurityManagerFactory;
> import org.apache.shiro.mgt.SecurityManager;
> import org.apache.shiro.session.Session;
> import org.apache.shiro.subject.Subject;
> import org.apache.shiro.util.Factory;
>
> @Stateless (name="OrganizationDirBean" ,
> mappedName="ejb/OrganizationDirBean")
> @Remote
>
> public class OrganizationDirBean implements Directory{
> @Resource SessionContext ctx;
> @Override
> public void testMe(){
> Subject currentUser = SecurityUtils.getSubject();
> if ( !currentUser.isAuthenticated() ) {
> UsernamePasswordToken token = new
> UsernamePasswordToken("lonestarr", "vespa");
> System.out.println("#0:"+currentUser.getSession().getId());
> currentUser.login(token);
> }else{
> currentUser.logout();
> System.out.println("I logged out");
> }
> System.out.println("#1:"+currentUser.getSession().getId());
> }
> }
>
> On client side:
> InitialContext ctx = new InitialContext(someEnv);
> Directory directory = (Directory) ctx.lookup("ejb/OrganizationDirBean");
> directory.testMe();
>
> Do you still think that it's not EJB???
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/Shiro-session-for-EJB-tp7579994p7580003.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
