Yes I believe the shiro.ini is needed or at least it is practical to have it separate from the rest of your application configuration, since typically applicationContext will be all the same in dev and production environment, while you very likely need completely different security settings.
On Mon, Jun 5, 2017 at 2:15 AM, Yu Wei <[email protected]> wrote: > I didn't have web.xml at first, it's generated by spring > autoconfiguration. When integrated with shiro, I only added shiro related > in web.xml. > I have little experience in using spring and shiro. This is my mistake. > Another question is about shiro.ini. > Is shiro.ini still needed when integrating with spring? I only found > description about setting applicationContext.xml when integrating with > shiro. > > Thanks for your help. > Jared > Interested in cloud computing,big data processing,linux > 2017年6月5日 04:54于 Laszlo Hornyak <[email protected]>写道: > Hi, > > Did spring start up at all? You do not have it in your web.xml... > > <context-param> > <param-name>contextConfigLocation</param-name> > <param-value> > WEB-INF/applicationContext.xml > </param-value> > </context-param> > > <listener> > <listener-class> > org.springframework.web.context.ContextLoaderListener > </listener-class> > </listener> > > > > > On Sun, Jun 4, 2017 at 7:23 PM, Yu Wei <[email protected]> wrote: > >> Hi guys, >> >> I tried to integrate shiro with spring boot by following document in >> Apache shiro. >> >> I found a problem when trying to deploy war to tomcat as below: >> >> 04-Jun-2017 16:16:00.163 INFO [main] >> org.apache.catalina.core.ApplicationContext.log >> Initializing Shiro environment >> 04-Jun-2017 16:16:00.448 SEVERE [main] >> org.apache.catalina.core.StandardContext.filterStart >> Exception starting filter [shiroFilter] >> org.springframework.beans.factory.NoSuchBeanDefinitionException: No >> bean named 'shiroFilter' available >> at org.springframework.beans.factory.support.DefaultListableBea >> nFactory.getBeanDefinition(DefaultListableBeanFactory.java:687) >> at org.springframework.beans.factory.support.AbstractBeanFactor >> y.getMergedLocalBeanDefinition(AbstractBeanFactory.java:1207) >> at org.springframework.beans.factory.support.AbstractBeanFactor >> y.doGetBean(AbstractBeanFactory.java:284) >> >> >> According to shiro document, I should add applicationContext.xml with >> proper settings. Where should I place the context file? In WEB-INF or other >> directory? >> >> >> How could I fix this problem? >> >> >> Detailed configuration is as below, >> >> >> Web.xml in directory WEB-INF is as following, >> >> <?xml version="1.0" encoding="UTF-8"?> >> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"; >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> xsi:schemaLocation="http://java.sun.com/xml/ns/javaee >> http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd";> >> <!-- configuration for Aapache shiro --> >> <listener> >> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderLi >> stener</listener-class> >> </listener> >> >> <filter> >> <filter-name>shiroFilter</filter-name> >> <filter-class>org.springframework.web.filter.DelegatingFilte >> rProxy</filter-class> >> <init-param> >> <param-name>targetFilterLifecycle</param-name> >> <param-value>true</param-value> >> </init-param> >> </filter> >> >> <filter-mapping> >> <filter-name>shiroFilter</filter-name> >> <url-pattern>/*</url-pattern> >> <dispatcher>REQUEST</dispatcher> >> <dispatcher>FORWARD</dispatcher> >> <dispatcher>INCLUDE</dispatcher> >> <dispatcher>ERROR</dispatcher> >> </filter-mapping> >> >> </web-app> >> >> applicationContext.xml is placed in folder WEB-INF, and content is as >> below, >> >> <bean id="shiroFilter" class="org.apache.shiro.spring >> .web.ShiroFilterFactoryBean"> >> <property name="securityManager" ref="securityManager"/> >> <property name="filterChainDefinitions"> >> <value>/dashboard/users/list = authc, roles[admin]</value> >> </property> >> </bean> >> >> <bean id="securityManager" class="org.apache.shiro.web.mg >> t.DefaultWebSecurityManager"> >> <!-- Single realm app. If you have multiple realms, use the 'realms' >> property instead. --> >> <property name="realm" ref="myRealm"/> >> <!-- By default the servlet container sessions will be used. >> Uncomment this line >> to use shiro's native sessions (see the JavaDoc for more): --> >> <!-- <property name="sessionMode" value="native"/> --> >> </bean> >> <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring >> .LifecycleBeanPostProcessor"/> >> >> <!-- Define the Shiro Realm implementation you want to use to connect to >> your back-end --> >> <!-- security datasource: --> >> <bean id="myRealm" class="org.apache.shiro.realm.jdbc.JdbcRealm"> >> </bean> >> <bean >> class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" >> depends-on="lifecycleBeanPostProcessor"/> >> <bean class="org.apache.shiro.spring.security.interceptor.Authoriz >> ationAttributeSourceAdvisor"> >> <property name="securityManager" ref="securityManager"/> >> </bean> >> </beans> >> >> >> >> Thanks, >> >> Jared, (韦煜) >> Software developer >> Interested in open source software, big data, Linux >> > > > > -- > > EOF > -- EOF
