I just took a quick look at the AAA doc, it does look like adding a custom Realm is listed there ( I know you are not working on a Realm, but the classpath issues would be the same ). I suggest asking on the ODL irc or mailing list.
Keep us posted! On Wed, Nov 2, 2016 at 4:44 PM, Harinath Mallepally <[email protected]> wrote: > Thanks Brian, > > My observation is that even SecurityUtils.getSecurityManager(); is > working in user context only, I tried placing it in the constructor of my > RPC provider class but of no luck. yes i see shiro getting intialized in > the before my module as per the logs of ODL. > > I wanted to move this to shiro.ini but do not know how I can make my class > accessible during shiro initialization (I don't want to make changes to ODL > aaa module). I know this is not specific to shiro but do you suggest > anything for me to achieve this? > > WebUtils.getRequiredWebEnvironment() needs servlet context as input and I > don't see it in my ODL module, so might not be able to use it. > > > > > On Wed, Nov 2, 2016 at 6:16 AM, Brian Demers <[email protected]> > wrote: > >> You only need to be in the context of a request if you are dealing with a >> user's request. >> >> You _could_ just get the SecurityManager from 'WebUtils. >> getRequiredWebEnvironment()' (assuming Shiro has already been >> initialized). You could also just move all of this configuration into your >> shiro.ini file. >> >> On Tue, Nov 1, 2016 at 6:56 PM, Harinath Mallepally <[email protected]> >> wrote: >> >>> Hi Brian, >>> >>> I wanted to add my custom AuthenticationListener to shiro so that I can >>> required logging. As I understand I can get the SecurityManager reference >>> only during user context (RPC in ODL), I am doing this during a RPC >>> invocation. >>> >>> org.apache.shiro.mgt.SecurityManager secManager = >>> SecurityUtils.getSecurityManager(); >>> AuthenticatingSecurityManager absSecMgr = >>> (AuthenticatingSecurityManager)secManager; >>> AbstractAuthenticator absAuthenticator = >>> (AbstractAuthenticator)absSecMgr.getAuthenticator(); >>> absAuthenticator.getAuthenticationListeners().add(new >>> XceedAuthenticationListener()); >>> >>> >>> It doesn't sound right to me as multiple calls will result in duplicate >>> listeners. is there any easier option. >>> >>> Since ODL AAA is initializing shiro, other option I have is to bundle my >>> code along with AAA but I want to avoid that. >>> >>> Thanks >>> Hari >>> >>> >>> On Mon, Oct 31, 2016 at 3:49 PM, Harinath Mallepally <[email protected]> >>> wrote: >>> >>>> I think it was my mistake. It was my addition of shiro-core into maven >>>> bundle-plugin, that might have resulted in the behavior i observed, I >>>> removed it and it worked fine. >>>> >>>> >>>> <plugin> >>>> <groupId>org.apache.felix</groupId> >>>> <artifactId>maven-bundle-plugin</artifactId> >>>> <version>2.4.0</version> >>>> <extensions>true</extensions> >>>> <configuration> >>>> <instructions> >>>> <Import-Package>*</Import-Package> >>>> <Embed-Dependency>...,shiro-core</Embed-Dependency> >>>> </instructions> >>>> <manifestLocation>${project.basedir}/META-INF</manifestLocation> >>>> </configuration> >>>> </plugin> >>>> >>>> Thanks >>>> Hari >>>> >>>> I >>>> >>>> On Mon, Oct 31, 2016 at 7:12 AM, Brian Demers <[email protected]> >>>> wrote: >>>> >>>>> I know a portion of opendaylight is async, so you _may_ need to >>>>> configure the static instance of the SecurityManager, But from the stack >>>>> trace, I do NOT see the Shiro filter. Take a look at >>>>> http://shiro.apache.org/web.html to see what you would need in your >>>>> web.xml >>>>> >>>>> Let us know how it goes. >>>>> >>>>> On Fri, Oct 28, 2016 at 6:09 PM, Harinath Mallepally <[email protected] >>>>> > wrote: >>>>> >>>>>> Brian, >>>>>> >>>>>> Here is the log trace >>>>>> >>>>>> https://gist.github.com/careerscale/697284952f01e445b10a3bc95f773dac >>>>>> >>>>>> >>>>>> >>>>>> On Fri, Oct 28, 2016 at 2:41 PM, Brian Demers <[email protected] >>>>>> > wrote: >>>>>> >>>>>>> I'd need to see a bit more of the stacktrace. But i'm guessing your >>>>>>> call is not in the context of a request. If that is the case you would >>>>>>> need to enable the static instance of the SecurityManager. >>>>>>> >>>>>>> See the note about 'staticSecurityManagerEnabled' in: >>>>>>> https://shiro.apache.org/static/current/apidocs/org/apache/s >>>>>>> hiro/web/servlet/AbstractShiroFilter.html >>>>>>> >>>>>>> On Fri, Oct 28, 2016 at 4:56 PM, Harinath Mallepally < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> Hi Brian, >>>>>>>> >>>>>>>> it is same error , looks like something is wrong. >>>>>>>> >>>>>>>> org.apache.shiro.UnavailableSecurityManagerException: No >>>>>>>> SecurityManager accessible to the calling code, either bound to the >>>>>>>> org.apache.shiro.util.ThreadContext or as a vm static singleton. >>>>>>>> This is an invalid application configuration. >>>>>>>> at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUt >>>>>>>> ils.java:123) >>>>>>>> at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java >>>>>>>> :627) >>>>>>>> at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56) >>>>>>>> >>>>>>>> >>>>>>>> couldn't figure it out. any thoughts? >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On Fri, Oct 28, 2016 at 10:37 AM, Harinath Mallepally < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> in both cases. I understand that it needs a user context and >>>>>>>>> during application start, this error makes sense. >>>>>>>>> >>>>>>>>> it failed in RPC requests, i expected it to work. >>>>>>>>> i saw this working fine earlier, might be something got messed up. >>>>>>>>> will do clean build and try again. >>>>>>>>> >>>>>>>>> >>>>>>>>> On Thu, Oct 27, 2016 at 5:54 PM, Brian Demers < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Where is that method getting called from? Is it from the context >>>>>>>>>> of a request or while your application is starting ? >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Thu, Oct 27, 2016 at 7:02 PM, Harinath Mallepally < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> Thanks for the response. >>>>>>>>>>> >>>>>>>>>>> I tried this way, but results in with error. any thoughts on how >>>>>>>>>>> do I get handle on this? It looks like something is wrong with >>>>>>>>>>> configuration or so. >>>>>>>>>>> >>>>>>>>>>> private void setListener(){ >>>>>>>>>>> >>>>>>>>>>> try { >>>>>>>>>>> //TODO temp code, remove it >>>>>>>>>>> AuthenticatingSecurityManager securityMgr = >>>>>>>>>>> (AuthenticatingSecurityManager) SecurityUtils.getSecurityManag >>>>>>>>>>> er(); >>>>>>>>>>> >>>>>>>>>>> System.out.println(securityMgr); >>>>>>>>>>> >>>>>>>>>>> AbstractAuthenticator authentication = >>>>>>>>>>> (AbstractAuthenticator) securityMgr.getAuthenticator(); >>>>>>>>>>> >>>>>>>>>>> authentication.getAuthenticationListeners().add(new >>>>>>>>>>> CustomAuthenticationListener()); >>>>>>>>>>> }catch(Exception e){ >>>>>>>>>>> LOG.error("error {}", e); >>>>>>>>>>> } >>>>>>>>>>> } >>>>>>>>>>> but resulted in with this >>>>>>>>>>> >>>>>>>>>>> error {} >>>>>>>>>>> org.apache.shiro.UnavailableSecurityManagerException: No >>>>>>>>>>> SecurityManager accessible to the calling code, either bound to the >>>>>>>>>>> org.apache.shiro.util.ThreadContext or as a vm static >>>>>>>>>>> singleton. This is an invalid application configuration. >>>>>>>>>>> at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUt >>>>>>>>>>> ils.java:123) >>>>>>>>>>> >>>>>>>>>>> ......... >>>>>>>>>>> >>>>>>>>>>> On Thu, Oct 27, 2016 at 12:55 PM, Brian Demers < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>>> I'm not sure, but if I had to guess, I would say you need to >>>>>>>>>>>> export your package in your bundles config >>>>>>>>>>>> >>>>>>>>>>>> On Thu, Oct 27, 2016 at 2:10 PM, Harinath Mallepally < >>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> yes, I am using shiro.ini, my problem is my class is not >>>>>>>>>>>>> being identified in karaf (doing it with opendaylight), didn't >>>>>>>>>>>>> know how to >>>>>>>>>>>>> add my class into classpath without modifying ODL feature. >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> On Thu, Oct 27, 2016 at 8:13 AM, Brian Demers < >>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> I you are using a shiro.ini just stick your filter in the >>>>>>>>>>>>>> [main] section. >>>>>>>>>>>>>> >>>>>>>>>>>>>> For example: >>>>>>>>>>>>>> >>>>>>>>>>>>>> [main] >>>>>>>>>>>>>> ... >>>>>>>>>>>>>> myFilter = com.foo.bar.MyWickedCoolFilter >>>>>>>>>>>>>> >>>>>>>>>>>>>> [urls] >>>>>>>>>>>>>> /path/* = myFilter >>>>>>>>>>>>>> # or possibly >>>>>>>>>>>>>> /another/path/* = myFitler[anOption] >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Wed, Oct 26, 2016 at 7:50 PM, Allan C. <[email protected] >>>>>>>>>>>>>> > wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>>> There's a SecurityUtils class that can access the static >>>>>>>>>>>>>>> SecurityManager object. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Regards, >>>>>>>>>>>>>>> Allan C. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Thu, Oct 27, 2016 at 6:15 AM, Harinath Mallepally < >>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Hi, >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> is it possible to get reference of SecurityManager so that >>>>>>>>>>>>>>>> a custom AuthenticationFilter can be added? >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Please let me know >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>>>> Hari >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>> >>>>>> >>>>> >>>> >>> >> >
