On Sun, Mar 18, 2012 at 6:56 AM, trsvax <trs...@gmail.com> wrote:
> Thanks for the update but when I upgraded from 0.4.0 I can authenticate but
> my roles quit working. When I run the app in debug mode it appears
> protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection
> principals)
> in my UserRealm is not called. It does get called in 0.4.0. My UserRealm is
> basically a copy of the Hibernate realm in your example.

0.4.0 was still using Shiro 1.1.0 whereas the latter ones are using 1.2.0, so it's likely related to that. One of the main differences was that AuthenticatingRealm no longer implements the Authorizer interface, and otherwise I would have assumed that's the problem but your Realm below clearly does implement AuthorizingRealm. Don't have any other likely causes off the top of my hat and many of the integration tests utilize roles without problems.

Suppose you could test against 0.4.1 just to isolate the problem further but I'm pretty sure you get the same result. If you swap Shiro 1.1.0 back in (tapestry-security doesn't use anything 1.2 specific) do things work?

Kalle

> public class UserRealm extends AuthorizingRealm {
>     private final UserDAO userDAO;
>
>     public UserRealm(UserDAO userDAO) {
>         super(new MemoryConstrainedCacheManager());
>         setName("localaccounts");
>         setAuthenticationTokenClass(UsernamePasswordToken.class);
>         setCredentialsMatcher(new HashedCredentialsMatcher(Sha1Hash.ALGORITHM_NAME));
>         this.userDAO = userDAO;
>     }
>
>     @Override
>     protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
>         if (principals == null) throw new AuthorizationException("PrincipalCollection was null, which should not happen");
>
>         if (principals.isEmpty()) return null;
>
>         if (principals.fromRealm(getName()).size() <= 0) return null;
>
>         String username = (String) principals.fromRealm(getName()).iterator().next();
>         if (username == null) return null;
>         User user = findByUsername(username);
>         if (user == null) return null;
>         return new SimpleAuthorizationInfo(user.getRoles());
>     }
>
>     private User findByUsername(String username) {
>         return userDAO.load(username);
>     }
>
>     @Override
>     protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
>         UsernamePasswordToken upToken = (UsernamePasswordToken) token;
>
>         String username = upToken.getUsername();
>
>         // Null username is invalid
>         if (username == null) { throw new AccountException("Null usernames are not allowed by this realm."); }
>
>         User user = findByUsername(username);
>         // An unknown username must fail authentication cleanly instead of with a NullPointerException
>         if (user == null) { throw new UnknownAccountException("No account found for user [" + username + "]"); }
>         if (user.getFacebookUserId() != null) {
>             throw new AccountException("Account [" + username + "] is federated with Facebook and cannot be locally authenticated.");
>         }
>
>         if (user.isAccountLocked()) { throw new LockedAccountException("Account [" + username + "] is locked."); }
>         if (user.isCredentialsExpired()) {
>             String msg = "The credentials for account [" + username + "] are expired";
>             throw new ExpiredCredentialsException(msg);
>         }
>         return new SimpleAuthenticationInfo(username, user.getEncodedPassword(),
>                 new SimpleByteSource(user.getPasswordSaltBytes()), getName());
>     }
>
> }
>
> I looked thru the docs but I did not see anything that might cause this. Did
> I miss something?
>
> Thanks
> Barry
>
> --
> View this message in context: http://tapestry.1045711.n5.nabble.com/tapestry-security-0-4-3-released-tp5574027p5575021.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
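
Added example, not part of the original thread and not tapestry-security code: a stand-alone Java probe that drives a role check through Shiro alone, to isolate the behaviour discussed above from Tapestry. It assumes Shiro is on the classpath; RealmAuthzProbe, ProbeRealm, the "testuser" principal and the "admin" role are constructed for illustration, and ProbeRealm only mirrors the constructor setup and realm-name guard of the quoted UserRealm.

```java
import java.util.Collections;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.Authorizer;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cache.MemoryConstrainedCacheManager;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;

public class RealmAuthzProbe {
    // Hypothetical stand-in for UserRealm: same cache manager, realm name and fromRealm guard, no DAO.
    static class ProbeRealm extends AuthorizingRealm {
        int authzCalls; // how often Shiro actually reached doGetAuthorizationInfo
        ProbeRealm() {
            super(new MemoryConstrainedCacheManager());
            setName("localaccounts");
        }
        @Override
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
            authzCalls++;
            // Same guard as the quoted realm: only principals recorded under this realm's name get roles.
            if (principals.fromRealm(getName()).isEmpty()) return null;
            return new SimpleAuthorizationInfo(Collections.singleton("admin")); // constructed role
        }
        @Override
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
            return null; // authentication is not exercised by this probe
        }
    }

    // Runs one role check for a constructed principal recorded under the given realm name.
    static boolean probe(DefaultSecurityManager sm, ProbeRealm realm, String realmName) {
        PrincipalCollection pc = new SimplePrincipalCollection("testuser", realmName);
        boolean hasRole = sm.hasRole(pc, "admin");
        System.out.println("principal from '" + realmName + "': hasRole=" + hasRole
                + ", doGetAuthorizationInfo calls so far=" + realm.authzCalls);
        return hasRole;
    }

    public static void main(String[] args) {
        ProbeRealm realm = new ProbeRealm();
        // Role checks are only delegated to realms that are Authorizers (the 1.2.0 change mentioned above).
        System.out.println("realm is an Authorizer: " + Authorizer.class.isInstance(realm));
        DefaultSecurityManager sm = new DefaultSecurityManager(realm);
        probe(sm, realm, "localaccounts"); // principal tagged with this realm's name
        probe(sm, realm, "otherRealm");    // principal tagged with a different realm name
    }
}
```

Running it once with the Shiro 1.1.0 jar and once with 1.2.0 shows whether the call counter moves under each version without tapestry-security involved.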